Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CloudWatchLogsAddon: setting logRetentionDays param does not work and not set cloudWatchLogs.logRetentionDays when creating CloudWatch Log Groups #888

Closed
bnaydenov opened this issue Dec 12, 2023 · 1 comment · Fixed by #889
Closed

CloudWatchLogsAddon: setting logRetentionDays param does not work and not set cloudWatchLogs.logRetentionDays when creating CloudWatch Log Groups #888

bnaydenov opened this issue Dec 12, 2023 · 1 comment · Fixed by #889
Labels
bug Something isn't working

Comments

@bnaydenov
Copy link
Contributor

Describe the bug

When adding CloudWatchLogsAddon and setting parm logRetentionDays does not work. When respective CloudWatch LogGroups are created no retention is set a.k.a all log groups are set with never expire.

const addOn = new blueprints.addons.CloudWatchLogsAddon({
  namespace: 'aws-for-fluent-bit',
  createNamespace: true,
  serviceAccountName: 'aws-fluent-bit-for-cw-sa',
  logGroupPrefix: '/aws/eks/<your-cluster-name>',
  logRetentionDays: 90 
});

Expected Behavior

When adding CloudWatchLogsAddon and setting parm logRetentionDays when respective CloudWatch LogGroups are created retention for all log groups must be set to expire in number of days specified in param logRetentionDays.

Current Behavior

When adding CloudWatchLogsAddon and setting parm logRetentionDays does not work. When respective CloudWatch LogGroups are created no retention is set a.k.a all log groups are set with never expire.

const addOn = new blueprints.addons.CloudWatchLogsAddon({
  namespace: 'aws-for-fluent-bit',
  createNamespace: true,
  serviceAccountName: 'aws-fluent-bit-for-cw-sa',
  logGroupPrefix: '/aws/eks/<your-cluster-name>',
  logRetentionDays: 90 
});

There are 2 problems why this is happening:

  1. Lack of persimmons which allow logs:PutRetentionPolicy and logs:DeleteRetentionPolicy
    in this file

    cdk-eks-blueprints/lib/addons/cloudwatch-logs/iam-policy.ts

    Line 7 in 69d730e

    export function getCloudWatchLogsPolicyDocument() : Statement[] {

  2. in addon code CloudWatchLogsAddon we set wrong param cloudWatchLogs.log_retention_days check here https://github.com/aws/eks-charts/blob/2ca1cb467a7ded4a608ab314b5cecf04dc7d758c/stable/aws-for-fluent-bit/templates/configmap.yaml#L140C42-L140C73 it should be cloudWatchLogs.logRetentionDays

Reproduction Steps

Just try to execute code from example page https://aws-quickstart.github.io/cdk-eks-blueprints/addons/cloudwatch-logs/

Possible Solution

I will provide PR with needed changes to fix this

Additional Information/Context

No response

CDK CLI Version

2.99.1 (build b2a895e)

EKS Blueprints Version

1.12.0

Node.js Version

v18.15.0

Environment details (OS name and version, etc.)

Mac OS Ventura - Version 13.6.2

Other information

No response
@bnaydenov bnaydenov added the bug Something isn't working label Dec 12, 2023
bnaydenov added a commit to bnaydenov/cdk-eks-blueprints that referenced this issue Dec 12, 2023
@bnaydenov
fix aws-quickstart#888 issue
3dba45b
@bnaydenov bnaydenov mentioned this issue Dec 12, 2023
Merged
@bnaydenov
Copy link
Contributor Author

@shapirov103 please take a look into this when you have time

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
1 participant
@bnaydenov