feat: add log retention and fix log group naming

transcend-io · Jul 17, 2022 · 67e83d8 · 67e83d8
1 parent aa5efcc
commit 67e83d8
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 18 deletions.
diff --git a/main.tf b/main.tf
@@ -72,6 +72,11 @@ resource "aws_lambda_function" "lambda" {
       last_modified,
     ]
   }
+
+  depends_on = [
+    aws_iam_role_policy.logs_role_policy,
+    aws_cloudwatch_log_group.log_group,
+  ]
 }
 
 /**
@@ -140,9 +145,10 @@ resource "aws_iam_role_policy" "logs_role_policy" {
  * of the CloudFront edge location handling the request.
  */
 resource "aws_cloudwatch_log_group" "log_group" {
-  name = "/aws/lambda/${var.name}"
-  tags = var.tags
-  kms_key_id = var.cloudwatch_log_groups_kms_arn
+  name              = "/aws/lambda/us-east-1.${var.name}"
+  tags              = var.tags
+  kms_key_id        = var.cloudwatch_log_groups_kms_arn
+  retention_in_days = 14
 }
 
 /**

diff --git a/outputs.tf b/outputs.tf
@@ -10,10 +10,10 @@ output "function_name" {
   value = var.name
 }
 
-output execution_role_name {
+output "execution_role_name" {
   value = aws_iam_role.lambda_at_edge.name
 }
 
-output execution_role_arn {
+output "execution_role_arn" {
   value = aws_iam_role.lambda_at_edge.arn
 }
diff --git a/variables.tf b/variables.tf
@@ -1,52 +1,52 @@
-variable name {
+variable "name" {
   description = "Name of the Lambda@Edge Function"
 }
 
-variable description {
+variable "description" {
   description = "Description of what the Lambda@Edge Function does"
 }
 
-variable s3_artifact_bucket {
+variable "s3_artifact_bucket" {
   description = "Name of the S3 bucket to upload versioned artifacts to"
 }
 
-variable tags {
+variable "tags" {
   type        = map(string)
   description = "Tags to apply to all resources that support them"
   default     = {}
 }
 
-variable lambda_code_source_dir {
+variable "lambda_code_source_dir" {
   description = "An absolute path to the directory containing the code to upload to lambda"
 }
 
-variable file_globs {
+variable "file_globs" {
   type        = list(string)
   default     = ["index.js", "node_modules/**", "yarn.lock", "package.json"]
   description = "list of files or globs that you want included from the lambda_code_source_dir"
 }
 
-variable local_file_dir {
+variable "local_file_dir" {
   description = "A path to the directory to store plan time generated local files"
   default     = "."
 }
 
-variable runtime {
+variable "runtime" {
   description = "The runtime of the lambda function"
   default     = "nodejs14.x"
 }
 
-variable handler {
+variable "handler" {
   description = "The path to the main method that should handle the incoming requests"
   default     = "index.handler"
 }
 
-variable config_file_name {
+variable "config_file_name" {
   description = "The name of the file var.plaintext_params will be written to as json"
   default     = "config.json"
 }
 
-variable plaintext_params {
+variable "plaintext_params" {
   type        = map(string)
   default     = {}
   description = <<EOF
@@ -66,7 +66,7 @@ variable plaintext_params {
   EOF
 }
 
-variable ssm_params {
+variable "ssm_params" {
   type        = map(string)
   default     = {}
   description = <<EOF
@@ -93,7 +93,7 @@ variable ssm_params {
   EOF
 }
 
-variable cloudwatch_log_groups_kms_arn {
+variable "cloudwatch_log_groups_kms_arn" {
   type        = string
   description = "KMS ARN to encrypt the log group in cloudwatch"
   default     = null