Move log retention terraform updates from v14.1.0 to v15.0.0

cumulus-tf/additions.tf.example

@@ -25,7 +25,6 @@ data "archive_file" "sample_code" {
 
 resource "aws_lambda_function" "bye_world" {
   # tfvar interpolation
-  depends_on = [aws_cloudwatch_log_group.bye_world]
   function_name = "${var.prefix}-ByeWorld"
   # referencing an argument (i.e. input) of the data source
   filename      = data.archive_file.sample_code.output_path
@@ -49,12 +48,6 @@ resource "aws_lambda_function" "bye_world" {
   tags = local.tags
 }
 
-resource "aws_cloudwatch_log_group" "bye_world" {
-  name              = "/aws/lambda/${var.prefix}-bye_world"
-  retention_in_days = lookup(var.cloudwatch_log_retention_periods, "bye_world", var.default_log_retention_days)
-  tags              = var.tags
-}
-
 resource "aws_security_group" "sample_egress_only" {
   # tfvar interpolation
   name   = "${var.prefix}-sample-egress-only"

cumulus-tf/cumulus_distribution.tf.example

@@ -25,8 +25,6 @@ module "cumulus_distribution" {
   api_url                  = var.cumulus_distribution_url
   bucket_map_file          = aws_s3_bucket_object.bucket_map_yaml_distribution.id
   bucketname_prefix        = ""
-  default_log_retention_days        = var.default_log_retention_days
-  cloudwatch_log_retention_periods  = var.cloudwatch_log_retention_periods
   cmr_acl_based_credentials = true
   cmr_environment           = var.cmr_environment
   cmr_provider              = var.cmr_provider

cumulus-tf/main.tf

@@ -115,9 +115,6 @@ module "cumulus" {
   private_archive_api_gateway = var.private_archive_api_gateway
   api_gateway_stage           = var.api_gateway_stage
 
-  default_log_retention_days = var.default_log_retention_days
-  cloudwatch_log_retention_periods = var.cloudwatch_log_retention_periods
-
   # Thin Egress App settings
   # Remove if using Cumulus Distribution
   # must match stage_name variable for thin-egress-app module

cumulus-tf/terraform.tfvars.example

@@ -73,13 +73,6 @@ private_archive_api_gateway = true
 # default to true if not specified
 deploy_distribution_s3_credentials_endpoint = false
 
-## Optional. These variables are for configuring the cloudwatch log group's retention periods
-# cloudwatch_log_retention_periods = {
-#   <lambda function or task name> = 365
-# }
-#
-# default_log_retention_days = 15
-
 ## Optional. Required if using cmr_oauth_provider = "launchpad"
 # launchpad_api = "launchpadApi"
 # launchpad_certificate = "certificate"

cumulus-tf/thin_egress_app.tf

@@ -62,7 +62,7 @@ resource "aws_cloudwatch_log_subscription_filter" "egress_api_gateway_log_subscr
 resource "aws_cloudwatch_log_group" "egress_lambda_log_group" {
   count             = (var.log_destination_arn != null) ? 1 : 0
   name              = "/aws/lambda/${module.thin_egress_app.egress_lambda_name}"
-  retention_in_days = lookup(var.cloudwatch_log_retention_periods, "EgressLambda", var.default_log_retention_days)
+  retention_in_days = 30
   tags              = var.tags
 }
 

cumulus-tf/variables.tf

@@ -204,29 +204,6 @@ variable "aws_profile" {
   default = null
 }
 
-variable "cloudwatch_log_retention_periods" {
-  type = map(number)
-  description = "retention periods for the respective cloudwatch log group, these values will be used instead of default retention days"
-  default = {
-    data-migration2 = 10,
-    DiscoverGranules = 10,           # ingest module
-    granuleFilesCacheUpdater = 10,   # archive module
-    ProvisionPostgresDatabase = 7,  # cumulus-rds-tf module
-    DistributionApiEndpoints = 7,   # cumulus_distribution module
-    EcsLogs = 7,                    # cumulus_ecs_service module
-    s3-credentials-endpoint = 7,    # distribution module
-    PrivateApiLambda = 7,           # archive module
-    HelloWorld = 7,
-    TeaCache = 7,                   # tea-map-cache module
-  }
-}
-
-variable "default_log_retention_days" {
-  type = number
-  default = 15
-  description = "default value that user chooses for their log retention periods"
-}
-
 variable "log_api_gateway_to_cloudwatch" {
   type        = bool
   default     = false

data-migration1-tf/main.tf

@@ -40,7 +40,4 @@ module "data_migration1" {
   provider_kms_key_id = var.provider_kms_key_id
 
   tags = merge(var.tags, { Deployment = var.prefix })
-
-  default_log_retention_days = var.default_log_retention_days
-  cloudwatch_log_retention_periods = var.cloudwatch_log_retention_periods
 }

data-migration1-tf/terraform.tfvars.example

@@ -13,9 +13,3 @@ data_persistence_remote_state_config = {
   region = "us-east-1"
 }
 
-## Optional. These variables are for configuring the cloudwatch log group's retention periods
-# cloudwatch_log_retention_periods = {
-#   <lambda function or task name> = 365
-# }
-#
-# default_log_retention_days = 15

data-migration1-tf/variables.tf

@@ -38,16 +38,3 @@ variable "vpc_id" {
   default = null
 }
 
-variable "cloudwatch_log_retention_periods" {
-  type = map(number)
-  description = "retention periods for the respective cloudwatch log group, these values will be used instead of default retention days"
-  default = {
-    data-migration-1 = 10, #data-migration1 module
-  }
-}
-
-variable "default_log_retention_days" {
-  type = number
-  default = 15
-  description = "default value that user chooses for their log retention periods"
-}

data-persistence-tf/main.tf

@@ -33,7 +33,4 @@ module "data_persistence" {
   tags = {
     Deployment = var.prefix
   }
-
-  default_log_retention_days = var.default_log_retention_days
-  cloudwatch_log_retention_periods = var.cloudwatch_log_retention_periods
 }

data-persistence-tf/terraform.tfvars.example

@@ -5,10 +5,3 @@ rds_user_access_secret_arn = "arn:aws:secretsmanager:us-east-1:1234567890:secret
 rds_security_group = "sg-1234567890xxxxx"
 subnet_ids = ["subnet-12345"]
 vpc_id        = "vpc-12345"
-
-## Optional. These variables are for configuring the cloudwatch log group's retention periods
-# cloudwatch_log_retention_periods = {
-#   <lambda function or task name> = 365
-# }
-#
-# default_log_retention_days = 15

data-persistence-tf/variables.tf

@@ -33,17 +33,3 @@ variable "permissions_boundary_arn" {
   type    = string
   default = null
 }
-
-variable "cloudwatch_log_retention_periods" {
-  type = map(number)
-  description = "retention periods for the respective cloudwatch log group, these values will be used instead of default retention days"
-  default = {
-    postgres-db-migration = 10, # data-persistence module
-  }
-}
-
-variable "default_log_retention_days" {
-  type = number
-  default = 15
-  description = "default value that user chooses for their log retention periods"
-}

rds-cluster-tf/main.tf

@@ -29,7 +29,4 @@ module "rds_cluster" {
   prefix                   = var.prefix
   permissions_boundary_arn = var.permissions_boundary_arn
   rds_user_password        = var.rds_user_password
-
-  default_log_retention_days = var.default_log_retention_days
-  cloudwatch_log_retention_periods = var.cloudwatch_log_retention_periods
 }

rds-cluster-tf/terraform.tfvars.example

@@ -8,11 +8,4 @@ cluster_identifier  = "<cluster_identifier"
 tags        = { "tag1" = "value" }
 provision_user_database = false
 prefix = "PREFIX"
-permissions_boundary_arn = "arn:aws:iam::XXXXXXXX:policy/SomeRoleBoundary"
-
-## Optional. These variables are for configuring the cloudwatch log group's retention periods
-# cloudwatch_log_retention_periods = {
-#   <lambda function or task name> = 365
-# }
-#
-# default_log_retention_days = 15
+permissions_boundary_arn = "arn:aws:iam::XXXXXXXX:policy/SomeRoleBoundary"

rds-cluster-tf/variables.tf

@@ -75,15 +75,3 @@ variable "rds_user_password" {
   type    = string
   default = "changeme"
 }
-
-variable "cloudwatch_log_retention_periods" {
-  type = map(number)
-  description = "Optional retention periods for the respective cloudwatch log group, these values will be used instead of default retention days"
-  default = {}
-}
-
-variable "default_log_retention_days" {
-  type = number
-  default = 30
-  description = "Optional default value that user chooses for their log retention periods"
-}