Skip to content

Commit

Permalink
fix: firelens configFileValue is optional
Browse files Browse the repository at this point in the history 
Signed-off-by: Wesley Pettit <wppttt@amazon.com>
  • Loading branch information
@PettitWesley
PettitWesley committed Jun 10, 2022
1 parent 45e4e43 commit 0b8d047
Showing 1 changed file with 48 additions and 26 deletions.
74 changes: 48 additions & 26 deletions packages/@aws-cdk/aws-ecs/lib/firelens-log-router.ts
View file
Expand Up @@ -60,8 +60,9 @@ export interface FirelensOptions {

/**
* Custom configuration file, S3 ARN or a file path
* @default - configFileValue is user defined and optional and there is no default
*/
readonly configFileValue: string;
readonly configFileValue?: string;
}

/**
Expand Down Expand Up @@ -109,14 +110,22 @@ export interface FirelensLogRouterDefinitionOptions extends ContainerDefinitionO
function renderFirelensConfig(firelensConfig: FirelensConfig): CfnTaskDefinition.FirelensConfigurationProperty {
if (!firelensConfig.options) {
return { type: firelensConfig.type };
} else if (firelensConfig.options.configFileValue === undefined) {
// config file options must be set together and are optional
return {
type: firelensConfig.type,
options: {
'enable-ecs-log-metadata': firelensConfig.options.enableECSLogMetadata ? 'true' : 'false',
},
};
} else {
// firelensConfig.options.configFileType has been filled with s3 or file type in constructor.
return {
type: firelensConfig.type,
options: {
'enable-ecs-log-metadata': firelensConfig.options.enableECSLogMetadata ? 'true' : 'false',
'config-file-type': firelensConfig.options.configFileType!,
'config-file-value': firelensConfig.options.configFileValue,
'config-file-value': firelensConfig.options.configFileValue!,
},
};
}
Expand Down Expand Up @@ -203,32 +212,45 @@ export class FirelensLogRouter extends ContainerDefinition {
if (options) {
const enableECSLogMetadata = options.enableECSLogMetadata || options.enableECSLogMetadata === undefined;
const configFileType = (options.configFileType === undefined || options.configFileType === FirelensConfigFileType.S3) &&
(cdk.Token.isUnresolved(options.configFileValue) || /arn:aws[a-zA-Z-]*:s3:::.+/.test(options.configFileValue))
(cdk.Token.isUnresolved(options.configFileValue) || /arn:aws[a-zA-Z-]*:s3:::.+/.test(options.configFileValue || ''))
? FirelensConfigFileType.S3 : FirelensConfigFileType.FILE;
this.firelensConfig = {
type: props.firelensConfig.type,
options: {
enableECSLogMetadata,
configFileType,
configFileValue: options.configFileValue,
},
};

// grant s3 access permissions
if (configFileType === FirelensConfigFileType.S3) {
props.taskDefinition.addToExecutionRolePolicy(new iam.PolicyStatement({
actions: [
's3:GetObject',
],
resources: [options.configFileValue],
}));
props.taskDefinition.addToExecutionRolePolicy(new iam.PolicyStatement({
actions: [
's3:GetBucketLocation',
],
resources: [options.configFileValue.split('/')[0]],
}));

if (options.configFileValue != undefined) {
this.firelensConfig = {
type: props.firelensConfig.type,
options: {
enableECSLogMetadata,
configFileType,
configFileValue: options.configFileValue,
},
};
} else {
this.firelensConfig = {
type: props.firelensConfig.type,
options: {
enableECSLogMetadata: enableECSLogMetadata,
},
};
}

if (options.configFileValue != undefined) {
// grant s3 access permissions
if (configFileType === FirelensConfigFileType.S3) {
props.taskDefinition.addToExecutionRolePolicy(new iam.PolicyStatement({
actions: [
's3:GetObject',
],
resources: [options.configFileValue],
}));
props.taskDefinition.addToExecutionRolePolicy(new iam.PolicyStatement({
actions: [
's3:GetBucketLocation',
],
resources: [(options.configFileValue || '').split('/')[0]],
}));
}
}

} else {
this.firelensConfig = props.firelensConfig;
}
Expand Down

0 comments on commit 0b8d047

Please sign in to comment.