Problem creating cloud watch log group using cloudformation #1084
Unanswered
javafanboy
asked this question in
Q&A
Replies: 1 comment
-
|
Hi, I think this is basically related to the same issue about the missing functionalities in CloudFormation. I will keep you posted. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi Floci team,
We’re trying to provision a CloudWatch Logs log group through CloudFormation in Floci, but it looks like AWS::Logs::LogGroup is currently accepted as a CloudFormation resource without creating a log group that the CloudWatch Logs APIs can use.
Environment: Floci image floci/floci:latest, Floci version 1.5.19, image digest floci/floci@sha256:e981a5afd790ec30e3670f1ef823cf2b7b9384c75cd4f234a75d8f1125d34ee6, region eu-west-1.
Minimal reproduction:
./bin/floci cloudformation create-stack --stack-name floci-logs-cfn-report --template-body '{"AWSTemplateFormatVersion":"2010-09-09","Resources":{"LogGroup":{"Type":"AWS::Logs::LogGroup","Properties":{"LogGroupName":"/floci/cfn-report"}}},"Outputs":{"LogGroupName":{"Value":{"Ref":"LogGroup"}}}}'
./bin/floci cloudformation wait stack-create-complete --stack-name floci-logs-cfn-report
./bin/floci cloudformation describe-stack-resources --stack-name floci-logs-cfn-report
./bin/floci cloudformation describe-stacks --stack-name floci-logs-cfn-report
./bin/floci logs describe-log-groups --log-group-name-prefix /floci/cfn-report
Observed behavior: CloudFormation reports CREATE_COMPLETE for the AWS::Logs::LogGroup resource and returns a synthetic physical id like LogGroup-52784db3. The stack output for Ref also returns that synthetic id rather than the requested log group name. However, CloudWatch Logs does not see the log group. Running ./bin/floci logs describe-log-groups --log-group-name-prefix /floci/cfn-report returns an empty logGroups array.
Expected behavior: creating an AWS::Logs::LogGroup via CloudFormation should have the same side effect as calling CreateLogGroup, so the log group should appear in logs describe-log-groups and be usable for log streams, log events, retention policies, and ECS awslogs configuration.
Direct CloudWatch Logs API creation works for us. For example, ./bin/floci logs create-log-group --log-group-name /floci/direct-report creates a log group that appears in describe-log-groups, and put-retention-policy also works. So our current workaround is to create log groups directly through the CloudWatch Logs API instead of CloudFormation.
Question: is AWS::Logs::LogGroup intended to be supported as a real side-effecting CloudFormation resource in Floci, or is it currently metadata-only/synthetic? If it is intended to work, is there a different template shape or property set we should use?
Beta Was this translation helpful? Give feedback.
All reactions