v0.65.0

@cloudpossebot cloudpossebot released this 13 May 03:26
7e5a104
Greater control over Access Logging @Nuru (#161)

what

  • More clearly distinguish between S3 Access Logging and Cloudfront Access Logging
    • Deprecate:
      • access_log_bucket_name
      • logging_enabled
      • log_include_cookies
      • log_prefix
    • Replace with variables prefixed with s3_access_log and cloudfront_access_log to indicate which access logs they apply to
  • Provide independent feature flags for S3 Access Logging and Cloudfront Access Logging
  • Provide ability to configure independent logging object prefixes for S3 Access Logging and Cloudfront Access Logging
  • Provide ability to direct Cloudfront Access Logging to an existing S3 bucket
  • Fix issues causing module to fail when enabled was set to false
  • Add tests

why

  • This module (potentially) creates an S3 Bucket to use as the Cloudfront Origin, and a Cloudfront Distribution. Both S3 Buckets and Cloudfront Distributions provide the ability to generate Access Logs and save them to an S3 bucket. However, the variables in the module referred only to "log" or "logging", which made it non-obvious whether they applied to S3 Access Logs or Cloudfront Access Logs. The new naming largely removes the confusion, while the old variables are still supported for backward compatibility.
  • Explicit flags enabling and disabling logging (rather than implicit based on providing a destination bucket name) avoid Terraform problems with plan depending on results of apply when the S3 Bucket is created in the same root module that calls this module.
  • The user was stuck with the prefix this module generated for S3 Access Logs, which may not have been what they wanted.
  • This module always created a new S3 bucket for Cloudfront Access Logging when Cloudfront Access Logging was enabled, which did not allow users to store logs for multiple distributions in the same bucket.
  • All Cloud Posse modules should plan and apply without error and without creating resources when enabled is set to false.
  • Ensure module behaves properly when enabled is set to false. Verify that the same S3 Bucket can be supplied for both sets of access logs
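
A reviewer auditing logging coverage can flag configurations that still set the four deprecated inputs, since their names do not say whether they control S3 or Cloudfront access logs. The Python check below is an added example, not part of the module or its release notes; it is a line-based scan rather than a full HCL parser, and the sample configuration, module label and source path in it are constructed.

```python
import re

# Deprecated inputs named in the release notes above.
DEPRECATED = {"access_log_bucket_name", "logging_enabled",
              "log_include_cookies", "log_prefix"}

MODULE_RE = re.compile(r'^\s*module\s+"([^"]+)"\s*\{')
# Whole argument name, so s3_access_log_prefix is not mistaken for log_prefix.
ARG_RE = re.compile(r'^\s*([A-Za-z_][A-Za-z0-9_-]*)\s*=')


def find_deprecated(hcl_text):
    """Return (module_label, line_no, argument) for each deprecated input set
    at the top level of a module block (one argument per line, '#' comments)."""
    findings = []
    module, depth = None, 0
    for line_no, line in enumerate(hcl_text.splitlines(), start=1):
        code = line.split("#", 1)[0]          # drop trailing comment
        delta = code.count("{") - code.count("}")
        if module is None:
            m = MODULE_RE.match(code)
            if m and delta > 0:               # entering a module block
                module, depth = m.group(1), delta
            continue
        if depth == 1:                        # only top-level module inputs
            arg = ARG_RE.match(code)
            if arg and arg.group(1) in DEPRECATED:
                findings.append((module, line_no, arg.group(1)))
        depth += delta
        if depth <= 0:                        # module block closed
            module = None
    return findings


# Constructed sample; the module label and source are placeholders.
SAMPLE = '''
module "cdn" {
  source          = "./modules/placeholder"
  log_prefix      = "logs/"   # ambiguous: S3 or Cloudfront logs?
  logging_enabled = true
  s3_access_log_prefix = "s3/"
  tags = {
    log_prefix = "nested key, not a module input"
  }
}
'''

if __name__ == "__main__":
    for module, line_no, arg in find_deprecated(SAMPLE):
        print(f'module "{module}" line {line_no}: deprecated input {arg}')
```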