Problem description
This module deploys an aws_cloudwatch_log_group resource, with a passthrough to configure the log retention period and no other configuration options.
Some organizations have strict requirements for KMS key usage, and there is currently no way to specify a KMS key to encrypt the log group.
Proposed solution 1
Add an optional variable accepting a KMS key ID to include in the aws_cloudwatch_log_group resource.
Proposed solution 2
Allow the option to skip the deployment of the Cloudwatch log group, which would allow the log group to be deployed/managed outside of this module.
Problem description
This module deploys an
aws_cloudwatch_log_groupresource, with a passthrough to configure the log retention period and no other configuration options.Some organizations have strict requirements for KMS key usage, and there is currently no way to specify a KMS key to encrypt the log group.
Proposed solution 1
Add an optional variable accepting a KMS key ID to include in the
aws_cloudwatch_log_groupresource.Proposed solution 2
Allow the option to skip the deployment of the Cloudwatch log group, which would allow the log group to be deployed/managed outside of this module.