Update main.tf to change lambda log group retention time

Moving to the managed lambda log group to add a retention time.
dfds · Dec 18, 2023 · 93eb25e · 93eb25e
1 parent 61541cc
commit 93eb25e
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/_sub/security/security-bot/main.tf b/_sub/security/security-bot/main.tf
@@ -318,6 +318,15 @@ resource "aws_lambda_function" "bot" {
       SQS_FOLLOW_UP_QUEUE_URL           = aws_sqs_queue.queue[0].id # `id` provides the URL
     }
   }
+  depends_on = [
+    aws_cloudwatch_log_group.lambda_log_group,
+  ]
+}
+
+resource "aws_cloudwatch_log_group" "lambda_log_group" {
+  count             = var.deploy ? 1 : 0
+  name              = "/aws/lambda/${aws_iam_role.lambda[0].name}"
+  retention_in_days = 90
 }
 
 resource "aws_lambda_event_source_mapping" "sqs" {