[Enhancement]: Support a log group configuration for aws_mq_broker

Description

The current resource aws_mq_broker does not support a cloudwatch log group configuration or the logging level which severely affects cost as you can't specify a log group retention in days or the level.

Affected Resource(s) and/or Data Source(s)

aws_mq_broker

Potential Terraform Configuration

resource "aws_cloudwatch_log_group" "rabbitmq_log_group" {
  name              = "/aws/mq/broker/${var.resource_prefix}-rabbitmq"
  retention_in_days = var.rabbitmq_log_retention_days
}

resource "aws_mq_broker" "rabbitmq" {
  broker_name                = "${var.resource_prefix}-rabbitmq"
  engine_type                = "RabbitMQ"
  engine_version             = var.rabbitmq_engine_version
  storage_type               = "ebs"
  host_instance_type         = var.rabbitmq_host_instance_type
  security_groups            = [aws_security_group.amazonmq.id]
  deployment_mode            = var.rabbitmq_deployment_mode
  publicly_accessible        = "false"
  subnet_ids                 = var.rabbitmq_deployment_mode == "SINGLE_INSTANCE" ? [var.ecs_subnet_ids[0]] : var.ecs_subnet_ids
  auto_minor_version_upgrade = "true"
  apply_immediately          = "false"
  logs {
    general = "true"
    audit   = "true"
    group   = aws_cloudwatch_log_group.rabbitmq_log_group.name
    level   = "error"
  }
  maintenance_window_start_time {
    day_of_week = "SUNDAY"
    time_of_day = "01:00"
    time_zone   = "UTC"
  }
  encryption_options {
    kms_key_id        = var.kms_key_arn
    use_aws_owned_key = false
  }
  user {
    username = var.rabbitmq_username
    password = var.rabbitmq_password
  }
}

References

No response

Would you like to implement a fix?

None

hashicorp / terraform-provider-aws

[Enhancement]: Support a log group configuration for aws_mq_broker #39545

Description

Affected Resource(s) and/or Data Source(s)

Potential Terraform Configuration

References

Would you like to implement a fix?

Community Note