how to set log retention days for Cloudfront function in terraform?-CodePudding

I have an example Cloudfront function:

resource "aws_cloudfront_function" "cool_function" {

  name    = "cool-function"
  runtime = "cloudfront-js-1.0"
  comment = "The cool function"
  publish = true
  code    = <<EOT
function handler(event) {
    var headers = event.request.headers;
    if (
        typeof headers.coolheader === "undefined" ||
        headers.coolheader.value !== "That_is_cool_bro"
    ) {
        console.log("That is not cool bro!")
    }
    return event.request;
}
EOT
}

When I create this function, Cloudwatch /aws/cloudfront/function/cool-function log group will be created automatically

But log group retention policy is Never Expire

And I can't see any parameters in terraform that allow to set retention days

So the question is:

is it possible to automatically import aws_cloudwatch_log_group every time when Cloudfront function creating and change retention_in_days for this resource?

CodePudding user response：

You need to define the aws_cloudwatch_log_group with the given name yourself, specify the correct retention and then create an explicit depends_on relation between the function and the log group to ensure the log group is created first. For migration purposes you now would need to import already created log groups into your terraform state.

resource "aws_cloudfront_function" "cool_function" {
    name    = "cool-function"
    ...
    depends_on = [
        aws_cloudwatch_log_group.logs
    ]
}

resource "aws_cloudwatch_log_group" "logs" {
    name              = "/aws/cloudfront/function/cool-function"
    retention_in_days = 123
    ...
}