From 99a6bb4127493d4ec2cf6d44654c5b40a0c1b2cf Mon Sep 17 00:00:00 2001 From: Momo Kornher Date: Wed, 31 Jan 2024 13:34:15 +0000 Subject: [PATCH] fix: revert deprecation of `logRetention` properties (#28934) ### Issue Closes #28919 ### Reason for this change In https://github.com/aws/aws-cdk/pull/28737 and https://github.com/aws/aws-cdk/pull/28783 we have deprecated various `logRetention` properties in favor of the new Logging Configuration feature for Lambda Functions. This new feature provides full control over the Lambda Function log group via the `logGroup` property. However Logging Configuration is not available yet for all regions. Particularly GovCloud and CN regions (at the time this issue was created). For customers in of these regions there is currently no clear migration path. We therefore revert the deprecation of previously deprecated properties. ### Description of changes Revert the deprecation of previously deprecated `logRetention` properties. Update documentation to be more explicit about the various options customers have. ### Description of how you validated changes Documentation & annotation change only. This is a partial revert of the PRs linked about, with minor documentation updates. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-lambda/README.md | 19 +++++++++++++++ .../aws-cdk-lib/aws-lambda/lib/function.ts | 23 +++++++++++++------ .../lib/bucket-deployment.ts | 7 +++++- .../aws-custom-resource.ts | 7 +++++- .../lib/provider-framework/provider.ts | 7 +++++- 5 files changed, 53 insertions(+), 10 deletions(-) diff --git a/packages/aws-cdk-lib/aws-lambda/README.md b/packages/aws-cdk-lib/aws-lambda/README.md index f04c725aebd6e..8358e353ab422 100644 --- a/packages/aws-cdk-lib/aws-lambda/README.md +++ b/packages/aws-cdk-lib/aws-lambda/README.md @@ -1011,6 +1011,25 @@ new lambda.Function(this, 'Lambda', { }); ``` +Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. +If you are deploying to another type of region, please check regional availability first. + +### Legacy Log Retention + +As an alternative to providing a custom, user controlled log group, the legacy `logRetention` property can be used to set a different expiration period. +This feature uses a Custom Resource to change the log retention of the automatically created log group. + +By default, CDK uses the AWS SDK retry options when creating a log group. The `logRetentionRetryOptions` property +allows you to customize the maximum number of retries and base backoff duration. + +*Note* that a [CloudFormation custom +resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cfn-customresource.html) is added +to the stack that pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the +correct log retention period (never expire, by default). This Custom Resource will also create a log group to log events of the custom resource. The log retention period for this addtional log group is hard-coded to 1 day. + +*Further note* that, if the log group already exists and the `logRetention` is not set, the custom resource will reset +the log retention to never expire even if it was configured with a different value. + ## FileSystem Access You can configure a function to mount an Amazon Elastic File System (Amazon EFS) to a diff --git a/packages/aws-cdk-lib/aws-lambda/lib/function.ts b/packages/aws-cdk-lib/aws-lambda/lib/function.ts index e3b8a1bde981a..b887017d65e4d 100644 --- a/packages/aws-cdk-lib/aws-lambda/lib/function.ts +++ b/packages/aws-cdk-lib/aws-lambda/lib/function.ts @@ -384,17 +384,21 @@ export interface FunctionOptions extends EventInvokeConfigOptions { * this property, unsetting it doesn't remove the log retention policy. To * remove the retention policy, set the value to `INFINITE`. * - * @default logs.RetentionDays.INFINITE - * - * @deprecated instead create a fully customizable log group with `logs.LogGroup` and use the `logGroup` property to instruct the Lambda function to send logs to it. + * This is a legacy API and we strongly recommend you move away from it if you can. + * Instead create a fully customizable log group with `logs.LogGroup` and use the `logGroup` property + * to instruct the Lambda function to send logs to it. * Migrating from `logRetention` to `logGroup` will cause the name of the log group to change. * Users and code and referencing the name verbatim will have to adjust. * * In AWS CDK code, you can access the log group name directly from the LogGroup construct: * ```ts + * import * as logs from 'aws-cdk-lib/aws-logs'; + * * declare const myLogGroup: logs.LogGroup; * myLogGroup.logGroupName; * ``` + * + * @default logs.RetentionDays.INFINITE */ readonly logRetention?: logs.RetentionDays; @@ -402,9 +406,10 @@ export interface FunctionOptions extends EventInvokeConfigOptions { * The IAM role for the Lambda function associated with the custom resource * that sets the retention policy. * - * @default - A new role is created. + * This is a legacy API and we strongly recommend you migrate to `logGroup` if you can. + * `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it. * - * @deprecated instead use `logGroup` to create a fully customizable log group and instruct the Lambda function to send logs to it. + * @default - A new role is created. */ readonly logRetentionRole?: iam.IRole; @@ -412,9 +417,10 @@ export interface FunctionOptions extends EventInvokeConfigOptions { * When log retention is specified, a custom resource attempts to create the CloudWatch log group. * These options control the retry policy when interacting with CloudWatch APIs. * - * @default - Default AWS SDK retry options. + * This is a legacy API and we strongly recommend you migrate to `logGroup` if you can. + * `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it. * - * @deprecated instead use `logGroup` to create a fully customizable log group and instruct the Lambda function to send logs to it. + * @default - Default AWS SDK retry options. */ readonly logRetentionRetryOptions?: LogRetentionRetryOptions; @@ -482,6 +488,9 @@ export interface FunctionOptions extends EventInvokeConfigOptions { * * Use the `logGroup` property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it. * + * Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. + * If you are deploying to another type of region, please check regional availability first. + * * @default `/aws/lambda/${this.functionName}` - default log group created by Lambda */ readonly logGroup?: logs.ILogGroup; diff --git a/packages/aws-cdk-lib/aws-s3-deployment/lib/bucket-deployment.ts b/packages/aws-cdk-lib/aws-s3-deployment/lib/bucket-deployment.ts index ea2c6fb36f922..b5a817c6e212a 100644 --- a/packages/aws-cdk-lib/aws-s3-deployment/lib/bucket-deployment.ts +++ b/packages/aws-cdk-lib/aws-s3-deployment/lib/bucket-deployment.ts @@ -111,14 +111,19 @@ export interface BucketDeploymentProps { /** * The number of days that the lambda function's log events are kept in CloudWatch Logs. * + * This is a legacy API and we strongly recommend you migrate to `logGroup` if you can. + * `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it. + * * @default logs.RetentionDays.INFINITE - * @deprecated Use logGroup for full control over the custom resource log group */ readonly logRetention?: logs.RetentionDays; /** * The Log Group used for logging of events emitted by the custom resource's lambda function. * + * Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. + * If you are deploying to another type of region, please check regional availability first. + * * @default - a default log group created by AWS Lambda */ readonly logGroup?: logs.ILogGroup; diff --git a/packages/aws-cdk-lib/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts b/packages/aws-cdk-lib/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts index 57f0317505686..a8233d7e3b76e 100644 --- a/packages/aws-cdk-lib/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts +++ b/packages/aws-cdk-lib/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts @@ -329,14 +329,19 @@ export interface AwsCustomResourceProps { * The number of days log events of the singleton Lambda function implementing * this custom resource are kept in CloudWatch Logs. * + * This is a legacy API and we strongly recommend you migrate to `logGroup` if you can. + * `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it. + * * @default logs.RetentionDays.INFINITE - * @deprecated Use logGroup for full control over the custom resource log group */ readonly logRetention?: logs.RetentionDays; /** * The Log Group used for logging of events emitted by the custom resource's lambda function. * + * Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. + * If you are deploying to another type of region, please check regional availability first. + * * @default - a default log group created by AWS Lambda */ readonly logGroup?: logs.ILogGroup; diff --git a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts index 5b15f71ed6eed..dee8caac120f9 100644 --- a/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts +++ b/packages/aws-cdk-lib/custom-resources/lib/provider-framework/provider.ts @@ -70,14 +70,19 @@ export interface ProviderProps { * updating this property, unsetting it doesn't remove the log retention policy. * To remove the retention policy, set the value to `INFINITE`. * + * This is a legacy API and we strongly recommend you migrate to `logGroup` if you can. + * `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it. + * * @default logs.RetentionDays.INFINITE - * @deprecated Use logGroup for full control over the custom resource log group */ readonly logRetention?: logs.RetentionDays; /** * The Log Group used for logging of events emitted by the custom resource's lambda function. * + * Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. + * If you are deploying to another type of region, please check regional availability first. + * * @default - a default log group created by AWS Lambda */ readonly logGroup?: logs.ILogGroup;