diff --git a/scripts/import_cloudwatch_log_groups.py b/scripts/import_cloudwatch_log_groups.py index adfd298d7..2fc558e7c 100644 --- a/scripts/import_cloudwatch_log_groups.py +++ b/scripts/import_cloudwatch_log_groups.py @@ -33,6 +33,14 @@ def resource(name): name, stage = config.unqualified_resource_name(name) if stage == config.deployment_stage: log_groups[resource('chatbot')] = group_name + elif not tf_component: + # Lambda functions + if group_name.startswith('/aws/lambda'): + name = group_name.rpartition('/')[2] + name, stage, suffix = config.unqualified_resource_name_and_suffix(name) + if stage == config.deployment_stage: + name = name + (f'_{suffix[1:]}' if suffix else '') + '_lambda' + log_groups[resource(name)] = group_name else: pass diff --git a/terraform/Makefile b/terraform/Makefile index b2704cd3a..65771dcee 100644 --- a/terraform/Makefile +++ b/terraform/Makefile @@ -38,6 +38,9 @@ rename_resources: validate .PHONY: import_resources import_resources: rename_resources + @# FIXME: Remove once the log groups have been imported into all deployments + @# https://github.com/DataBiosphere/azul/issues/6911 + python $(project_root)/scripts/import_cloudwatch_log_groups.py .PHONY: plan plan: import_resources diff --git a/terraform/api_gateway.tf.json.template.py b/terraform/api_gateway.tf.json.template.py index a2344a5ba..ade45f0f3 100644 --- a/terraform/api_gateway.tf.json.template.py +++ b/terraform/api_gateway.tf.json.template.py @@ -649,6 +649,13 @@ def for_domain(cls, domain): f'{app.name}_api_gateway': { 'name': '/aws/apigateway/' + config.qualified_resource_name(app.name), 'retention_in_days': config.audit_log_retention_days, + }, + **{ + f'{resource_name}_lambda': { + 'name': f'/aws/lambda/{resource['function_name']}', + 'retention_in_days': config.audit_log_retention_days + } for resource_name, resource in + chalice.tf_config(app.name)['resource']['aws_lambda_function'].items() } }, 'aws_iam_role': {