Skip to content

Commit

Permalink
fix(custom-resources): cannot set logging for state machine generated…
Browse files Browse the repository at this point in the history
… in CompleteHandler (#28706)

This PR fixes the case that `StateMachine` generated for `CompleteHandler` in `Provider` cannot set logging.

The default log group name of the state machine automatically created by the `Provider` with `isCompleteHandler` should start with `/aws/vendedlogs/states`. Otherwise, each time the state machine is created, the log resource policy size increases. 

https://docs.aws.amazon.com/step-functions/latest/dg/bp-cwl.html

Closes #27283
Fixes #28577 #28744

Related PR #27310(reverted by #28699), #28587

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
go-to-k authored Apr 19, 2024
1 parent 2126ee5 commit 99041b2
Show file tree
Hide file tree
Showing 143 changed files with 12,993 additions and 6,062 deletions.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -291,7 +291,7 @@
{
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
},
"/9e74695d20fbb89dc62fd8a020b6273050655fc292429f61f3ec014282a93e69.json"
"/960077579d48da3054d2f2b5a09cca17fc80809a34ba0d9d2d2fd19702c9b684.json"
]
]
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -676,6 +676,22 @@
]
}
]
},
{
"Action": [
"logs:CreateLogDelivery",
"logs:CreateLogStream",
"logs:DeleteLogDelivery",
"logs:DescribeLogGroups",
"logs:DescribeResourcePolicies",
"logs:GetLogDelivery",
"logs:ListLogDeliveries",
"logs:PutLogEvents",
"logs:PutResourcePolicy",
"logs:UpdateLogDelivery"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
Expand All @@ -688,6 +704,26 @@
]
}
},
"ProviderwaiterstatemachineLogGroupDD693A98": {
"Type": "AWS::Logs::LogGroup",
"Properties": {
"LogGroupName": {
"Fn::Join": [
"",
[
"/aws/vendedlogs/states/waiter-state-machine-",
{
"Ref": "ProviderframeworkisComplete26D7B0CB"
},
"-c861cd2a83a6af30e2613fcc9324bc4db65ca58d7f"
]
]
},
"RetentionInDays": 731
},
"UpdateReplacePolicy": "Retain",
"DeletionPolicy": "Retain"
},
"Providerwaiterstatemachine5D4A9DF0": {
"Type": "AWS::StepFunctions::StateMachine",
"Properties": {
Expand All @@ -713,6 +749,22 @@
]
]
},
"LoggingConfiguration": {
"Destinations": [
{
"CloudWatchLogsLogGroup": {
"LogGroupArn": {
"Fn::GetAtt": [
"ProviderwaiterstatemachineLogGroupDD693A98",
"Arn"
]
}
}
}
],
"IncludeExecutionData": false,
"Level": "ERROR"
},
"RoleArn": {
"Fn::GetAtt": [
"ProviderwaiterstatemachineRole0C7159F9",
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,7 @@
{
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-eu-west-1"
},
"/4148c9473bcbd8c19e338a215d442b27cc755081d5d4980c0648dfd92306e0e5.json"
"/8b3c6feb070f454632cee6e863c7ec94af3254d0071ad904533703d3b66a63b8.json"
]
]
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -672,6 +672,22 @@
]
}
]
},
{
"Action": [
"logs:CreateLogDelivery",
"logs:CreateLogStream",
"logs:DeleteLogDelivery",
"logs:DescribeLogGroups",
"logs:DescribeResourcePolicies",
"logs:GetLogDelivery",
"logs:ListLogDeliveries",
"logs:PutLogEvents",
"logs:PutResourcePolicy",
"logs:UpdateLogDelivery"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
Expand All @@ -684,6 +700,26 @@
]
}
},
"ProviderwaiterstatemachineLogGroupDD693A98": {
"Type": "AWS::Logs::LogGroup",
"Properties": {
"LogGroupName": {
"Fn::Join": [
"",
[
"/aws/vendedlogs/states/waiter-state-machine-",
{
"Ref": "ProviderframeworkisComplete26D7B0CB"
},
"-c8696e1868b3a8bafc51799993fdba7f11ffdcc5c5"
]
]
},
"RetentionInDays": 731
},
"UpdateReplacePolicy": "Retain",
"DeletionPolicy": "Retain"
},
"Providerwaiterstatemachine5D4A9DF0": {
"Type": "AWS::StepFunctions::StateMachine",
"Properties": {
Expand All @@ -709,6 +745,22 @@
]
]
},
"LoggingConfiguration": {
"Destinations": [
{
"CloudWatchLogsLogGroup": {
"LogGroupArn": {
"Fn::GetAtt": [
"ProviderwaiterstatemachineLogGroupDD693A98",
"Arn"
]
}
}
}
],
"IncludeExecutionData": false,
"Level": "ERROR"
},
"RoleArn": {
"Fn::GetAtt": [
"ProviderwaiterstatemachineRole0C7159F9",
Expand Down
Loading

0 comments on commit 99041b2

Please sign in to comment.