search

aws-cloudformation / aws-cloudformation-resource-providers-logs

The CloudFormation Resource Provider Package For Amazon CloudWatch Logs
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html
Apache License 2.0
33 stars 35 forks source link

LogGroup: Not returning ARN on create and update #25

Open johnttompkins opened 4 years ago

johnttompkins commented 4 years ago

We are sucessfully creating/updating log groups in the handlers, but #21 removed a read call that set the arn in the returned model, so the models returned by the create and read calls differ, as so update & read. Found during contract tests:

assert {'Arn': 'arn:...onInDays': 60} == {'LogGroupName...onInDays': 60}
E         Omitting 2 identical items, use -vv to show
E         Left contains 1 more item:
E         {'Arn': 'arn:aws:logs:us-west-2:123456789012:log-group:name*'}
E         Full diff:
E         + {'LogGroupName': 'name', 'RetentionInDays': 60}
E         - {'Arn': 'arn:aws:logs:us-west-2:123456789012:log-group:name*',
E         -  'LogGroupName': 'name,...

Need to either add back in the read call at the end of the handler or construct this arn in the create handler, although having to maintain logic for contstructing arns seems like overkill.

benbridts commented 4 years ago

If the ARN is constructed in the Handler, the logs:DescribeLogGroups permission can be remove from the create handler in the schema.

I'd advocate for reverting #21 for now and adding an issue for doing this another way if the extra api call is unwanted. It's annoying to start writing new code if the current code doesn't pass tests.