-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
core: add global logRetentionDays
setting
#23909
Comments
Have you looked into aspects? Aspects are a generic way you could implement anything like this in your own CDK app I'm not sure that this particular request would be easy to implement however, some of our log retention implementations use custom resources. Additionally, I'm not sure we'd want to implement this feature due to the precedent it could set and the maintenance overhead it would create. I can leave this open to discuss workarounds, and to gather community feedback on if this is something we should do |
Thanks for your response! I understand this constraint, I will check if aspects can help with my use case. |
I have a similar requirement, but more a frustration with resources which are apparently out of my control which create logs with "never expire" retention policy. For example I find there are a bunch of "never expire" log groups like:
...presumably one per deployment, as mentioned in this related issue #13250
Also note how the log group name changes each time, making it impossible(?) to target with an override via e.g. I made this aspect: import jsii
from aws_cdk import Annotations, IAspect
from constructs import IConstruct, MetadataEntry
def _get_logical_id(metadata: list[MetadataEntry]) -> str | None:
for entry in metadata:
if entry.type == "aws:cdk:logicalId":
return entry.data
@jsii.implements(IAspect)
class DebugAspect:
def visit(self, con: IConstruct):
logical_id = _get_logical_id(con.node.metadata)
Annotations.of(con).add_error(f"{con.node.id} | {con.__class__.__name__} | {con.node.path} | {logical_id}") ...and then in my tests I do: def test_log_retention(stack: Website):
cdk.Aspects.of(stack).add(LogRetentionChecker()) # type: ignore
annotations = Annotations.from_stack(stack)
errors = [msg.entry.data for msg in annotations.find_error("*", Match.any_value())]
breakpoint() ...as a clunky way of enumerating everything that is addressable via aspects. But Other problematic items I found are:
So given that it's somewhat haphazard whether constructs give any control over log retention, and there are other resources created which are unadressable, it would be useful to have some sort of global control over log retention policy. |
Additionally... I would like to be able to write assertions in tests that resources have an appropriate log retention policy set. When I define my own Lambda and set the log retention then:
this all seems so half-baked |
|
@fargito @anentropic we've implemented CustomResourceConfig which allows you to set the LogRetention of every CDK-vended custom resource. Can you try it out and see if it addresses most of the excess that you're seeing? If not, what other sources of these logs are you encountering? |
great news! However I added this to my app and redeployed: import aws_cdk as cdk
from aws_cdk import aws_logs as logs
from aws_cdk.custom_resources import CustomResourceConfig
app = cdk.App()
CustomResourceConfig.of(app).add_log_retention_lifetime(logs.RetentionDays.ONE_MONTH) but it seems to have had no effect and looking at the specifically I have the following log groups still set to "Never expire":
(I realise the RDS Proxy one wasn't expected to be affected, but it's frustrating I have no way to configure it) ...and this one set to "1 day":
...the latter I don't mind at all, but presumably it should have been affected by the CustomResourceConfig too? |
Describe the feature
add a global
logRetentionDays
context setting incdk.json
and make it the default for all log retention settingsUse Case
Hello,
Setting the retention period on all resources is quite frustrating.
Moreover, the value is often identical between all resources in the same stack, so it would be awesome to be able to define it in a centralized place.
Also, since the default is
Infinity
, having this setting would potentially have a big impact to help reduce the number of useless logs.WDYT?
Proposed Solution
No response
Other Information
No response
Acknowledgements
CDK version used
2.62.2
Environment details (OS name and version, etc.)
Ubuntu 22.04
The text was updated successfully, but these errors were encountered: