CloudWatch Log Group
π¦ Overviewβ
This Terraform module provisions an Amazon CloudWatch Log Group with customizable retention and tagging settings.
Itβs ideal for ingesting logs from AWS services, Lambda functions, ECS tasks, and custom applicationsβforming the foundation for observability pipelines.
β Key Featuresβ
- Creates a CloudWatch Log Group with a custom name
- Configures retention period in days (default or user-defined)
- Adds environment-based tags for traceability
- Supports centralized logging and compliance alignment
πΌ Use Casesβ
- Logging Lambda, ECS, or EC2 output in structured format
- Managing audit and access logs for compliance
- Grouping logs by environment (e.g.,
/app/dev,/prod/api) - Building metrics and alarms on log filters
π₯ Input Variablesβ
| Name | Type | Description |
|---|---|---|
| region | string | AWS region to deploy the log group |
| log_group_name | string | Name of the CloudWatch Log Group |
| retention_in_days | number | Number of days to retain logs (e.g., 7, 30, 365) |
| environment | string | Tag to specify the deployment environment (e.g., dev, staging, prod) |
π€ Outputsβ
| Name | Description |
|---|---|
| log_group_name | The name of the provisioned log group |
| log_group_arn | The ARN of the provisioned log group |
π Deployment Readinessβ
- β Compatible with Terraform 1.0+
- β Tested with AWS provider 5.x
- π§ͺ Requires IAM permissions to create and manage CloudWatch resources
π οΈ Example Usageβ
module "cloudwatch-log-group-deployment" {
source = "git::ssh://git@github.com/archiphire/aws-level-1-modules.git//monitoring/cloudwatch-log-group?ref=v1.0.0"
region = "us-east-1"
log_group_name = "/app/env/service-logs"
retention_in_days = 30
environment = "prod"
}
terraform init
terraform plan
terraform apply
or
tofu init
tofu plan
tofu apply
π§Ή Cleanup Optionsβ
terraform destroy
or
tofu destroy
Manual Deletion (production):
aws logs delete-log-group --log-group-name /app/env/service-logs
π‘οΈ Notesβ
This is a Level 1 monitoring module designed for flexible log ingestion. For enhanced observability, pair it with:
cloudwatch-alarm-cpu cloudwatch-dashboard-basic
π Deployment Package Noticeβ
This module is part of the Level 1 AWS License Tier. To access the full deployment package and source code, subscribe to Archiphire.