Support optional access logs #85
Conversation
Provides a way to disable logs. Logging is enabled by default.
brainsik
requested review from
mr337,
sheenamt,
dynamike,
LinuxBozo,
eeeady and
mdrummerboy09
| prefix = "alb/${var.name}-${var.environment}" | ||
| dynamic "access_logs" { | ||
| # Skips creating the block if logs_s3_bucket is empty string | ||
| for_each = var.logs_s3_bucket == "" ? [] : ["create block"] |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
brainsik
force-pushed
the
optional-logs
branch
from
940fddc to
ed215f5
Compare
|
@LinuxBozo @dynamike @eeeady I believe this is ready for a real review now. |
There was a problem hiding this comment.
Playing around with this locally as @LinuxBozo has so amazingly commented on in the test code, I'm able to reproduce this same bug locally. It only happens when you spin up the logs module and this module from scratch. A second apply passes. Running this problem without logging, like @brainsik, doesn't trigger the bug.
The bit that I don't understand is it doesn't appear to be a problem with the https://github.com/trussworks/terraform-aws-s3-private-bucket module, which has he same dynamic logic being used here.
My only request is can we add a Note to the README highlighting this bug, it's a pretty painful one for those using the module with logging for the first time.
|
|
||
| This is a bug in the provider, which should be reported in the provider's own | ||
| issue tracker. | ||
| https://github.com/terraform-providers/terraform-provider-aws/issues/10297 |
There was a problem hiding this comment.
This is another bug report specific to AWS access logs and ALBs
hashicorp/terraform-provider-aws#16674
|
@brainsik how we hanging on this? |
|
Woot! The dynamic block planning problem got fixed in Terraform v0.15.2: I'm going to open a new PR with my changes. Apparently the change from |
This came up while I was drafting what a Hello, World project might look like. I don't want the student to have to create an S3 bucket + policy just to bring up an ALB. This felt like a simple change that doesn't impact the default of logging.