amazon-web-services - 如何在 Terraform 中为 stepfunction 启用 CloudWatch 日志记录和 X 射线?
问题描述
在 AWS 控制台中,我们可以轻松地为步进函数状态机启用 cloudwatch 日志记录和 X-ray,但我希望我的资源完全由 Terraform 管理,来自此页面:https ://registry.terraform.io/providers/hashicorp/aws/最新的/docs/resources/sfn_state_machine
目前看来 Terraform 不支持此功能(另请参阅:https ://github.com/hashicorp/terraform-provider-aws/issues/12192 )
有谁知道是否有任何解决方法可以实现这一目标?我真的很希望能够同时启用来自 Terraform 的 cloudwatch 日志和 X 射线。我找不到太多这方面的信息。请问有人可以帮忙吗?非常感谢。
解决方案
更新:这是最近发布的功能3.27.0(2021 年 2 月 5 日)
对应文档链接:sfn_state_machine#logging
您可以包装用于在terraform null_resource中启用日志记录的命令,如链接问题Enabling Step Function Logging To CloudWatch #12192中所示,如下所示:
先决条件:
aws-cli/2.1.1
之前:
{
"stateMachineArn": "arn:aws:states:us-east-1:1234567890:stateMachine:mystatemachine",
"name": "my-state-machine",
"status": "ACTIVE",
"definition": "{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Pass\",\n \"End\": true\n }\n }\n}\n",
"roleArn": "arn:aws:iam::1234567890:role/service-role/StepFunctions-MyStateMachine-role-a6146d54",
"type": "STANDARD",
"creationDate": 1611682259.919,
"loggingConfiguration": {
"level": "OFF",
"includeExecutionData": false
}
}
resource "aws_sfn_state_machine" "sfn_state_machine" {
name = "mystatemachine"
role_arn = "arn:aws:iam::1234567890:role/service-role/StepFunctions-MyStateMachine-role-a6146d54"
definition = <<EOF
{
"Comment": "A Hello World example of the Amazon States Language using an AWS Lambda Function",
"StartAt": "HelloWorld",
"States": {
"HelloWorld": {
"Type": "Pass",
"End": true
}
}
}
EOF
}
resource "aws_cloudwatch_log_group" "yada" {
name = "/aws/vendedlogs/states/myloggroup"
}
resource "null_resource" "enable_step_function_logging" {
triggers = {
state_machine_arn = aws_sfn_state_machine.sfn_state_machine.arn
logs_params=<<PARAMS
{
"level":"ALL",
"includeExecutionData":true,
"destinations":[
{
"cloudWatchLogsLogGroup":{
"logGroupArn":"${aws_cloudwatch_log_group.yada.arn}:*"
}
}
]
}
PARAMS
}
provisioner "local-exec" {
command = <<EOT
set -euo pipefail
aws stepfunctions update-state-machine --state-machine-arn ${self.triggers.state_machine_arn} --tracing-configuration enabled=true --logging-configuration='${self.triggers.logs_params}'
EOT
# interpreter = ["bash"]
}
}
之后:
{
"stateMachineArn": "arn:aws:states:us-east-1:1234567890:stateMachine:mystatemachine",
"name": "mystatemachine",
"status": "ACTIVE",
"definition": "{\n \"Comment\": \"A Hello World example of the Amazon States Language using an AWS Lambda Function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Pass\",\n \"End\": true\n }\n }\n}\n",
"roleArn": "arn:aws:iam::1234567890:role/service-role/StepFunctions-MyStateMachine-role-a6146d54",
"type": "STANDARD",
"creationDate": 1611687676.151,
"loggingConfiguration": {
"level": "ALL",
"includeExecutionData": true,
"destinations": [
{
"cloudWatchLogsLogGroup": {
"logGroupArn": "arn:aws:logs:us-east-1:1234567890:log-group:/aws/vendedlogs/states/myloggroup:*"
}
}
]
}
}
推荐阅读
- reactjs - 如何捕获子组件的事件处理程序中引发的错误?
- visual-studio - Visual Studio 2019 不允许在调试时更改代码
- angular - 此表达式不可调用,类型“UserService”没有调用签名
- flutter - 如何使用 Flutter Web 处理来自提供商的全局密钥?
- reactjs - 在 Firebase 上部署项目时出错
- ios - 无法使用 addSnapshotListener Swift 从 Firestore 检索数据
- php - PHP - 调整和保存 PNG 图像。有些全是黑色的
- c - 为什么这个 C 函数中的 for printf 没有输出正确的字符串?
- javascript - 从字符串正则表达式中提取变量
- apache - Apache (HTTPD) 虚拟主机条目不起作用