Feature/encrypt logs (#8)

ghaddow · web-flow · commit d06557648136 · 2020-01-31T14:24:08.000Z
* doh!

* allow toggling of loadbalancing

* remove healthcheck grace period when not load balanced

* enable encryption of logs
diff --git a/README.md b/README.md
@@ -90,6 +90,7 @@ Module managed by [Marcin Cuber](https://github.com/marcincuber) [LinkedIn](http
 | task\_host\_port | The port number on the container instance to reserve for your container. | number | `"0"` | no |
 | target\_group\_name | The name for the tasks target group. | string | `""` | no |
 | load\_balanced | Whether the task should be loadbalanced. | bool | `true` | no |
+| logs_kms_key | The KMS key ARN to use to encrypt container logs. | string | `""` | no |
 
 ## Outputs
 
diff --git a/main.tf b/main.tf
@@ -4,6 +4,8 @@
 resource "aws_cloudwatch_log_group" "main" {
   name              = var.name_prefix
   retention_in_days = var.log_retention_in_days
+
+  kms_key_id        = var.logs_kms_key
   tags              = var.tags
 }
 
diff --git a/variables.tf b/variables.tf
@@ -164,3 +164,9 @@ variable "load_balanced" {
   default = true
   description = "Whether the task should be loadbalanced."
 }
+
+variable "logs_kms_key" {
+  type = string
+  description = "The KMS key ARN to use to encrypt container logs."
+  default = ""
+}

Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,8 @@`
`4`	`4`	`resource "aws_cloudwatch_log_group" "main" {`
`5`	`5`	`name = var.name_prefix`
`6`	`6`	`retention_in_days = var.log_retention_in_days`
	`7`	`+`
	`8`	`+ kms_key_id = var.logs_kms_key`
`7`	`9`	`tags = var.tags`
`8`	`10`	`}`
`9`	`11`