Configure Lambda Log Retention in AWS CDK

avatar

Borislav Hadzhiev

Sat May 01 20213 min read

In order to update the log retention period of a lambda function, set the `logRetention` prop on the construct.

Configuring Lambda Log Retention in AWS CDK #

When a lambda function gets invoked for the first time, it creates a log group with log retention set to Never expire.

log group never expire

In order to configure a different log retention period for Lambda in CDK, we have to pass the logRetention prop to the Function construct.

The code for this article is available on GitHub
lib/cdk-starter-stack.ts
import * as lambda from '@aws-cdk/aws-lambda';
import * as logs from '@aws-cdk/aws-logs';
import * as cdk from '@aws-cdk/core';
import * as path from 'path';

export class CdkStarterStack extends cdk.Stack {
  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    // ๐Ÿ‘‡ lambda function definition
    const lambdaFunction = new lambda.Function(this, 'lambda-function', {
      runtime: lambda.Runtime.NODEJS_14_X,
      handler: 'index.main',
      code: lambda.Code.fromAsset(path.join(__dirname, '/../src/my-lambda')),
      // ๐Ÿ‘‡ set Log Retention in Days
      logRetention: logs.RetentionDays.ONE_DAY,
    });
  }
}

Let's go over what we did in the code snippet:

  1. we created a lambda function, by instantiating the Function class
  2. we configured the logRetention property and set the log retention for the function's log group to be 1 day. The logRetention prop allows us to configure for how many days the logs of the function should be kept in CloudWatch.

For the purposes of this demo, the code of the lambda function could be as simple as:

src/my-lambda/index.js
async function main(event) {
  return {
    body: JSON.stringify({message: 'SUCCESS ๐ŸŽ‰'}),
    statusCode: 200,
  };
}

module.exports = {main};

Let's execute a deployment:

shell
npx cdk deploy

In order to create the log group for a new lambda function, we have to invoke it once. I'll invoke the function via the Lambda management console:

lambda function invoked

If we now open the lambda function's log group, we can see that the log retention has been updated to 1 day:

lambda log retention updated

By setting the logRetention prop for our lambda function, we created a custom CloudFormation resource.

The custom resource is responsible for:

  • creating a log group for the function, if one doesn't already exist
  • updating the log retention period to the specified number of days

If we look at the resources, our stack has provisioned, we can see that there are 2 lambda functions - ours and a custom resource, automatically created for us by CDK:

log retention custom resource

Removing the logRetention prop doesn't set the log retention period to the default of logs never getting deleted. In order to revert back to the default retention period, we have to set the logRetention prop of the function to Infinite

In order to revert the log retention of a function to logs never expiring, set the logRetention prop to INFINITE.

lib/cdk-starter-stack.ts
import * as lambda from '@aws-cdk/aws-lambda';
import * as logs from '@aws-cdk/aws-logs';
import * as cdk from '@aws-cdk/core';
import * as path from 'path';

export class CdkStarterStack extends cdk.Stack {
  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    const lambdaFunction = new lambda.Function(this, 'lambda-function', {
      runtime: lambda.Runtime.NODEJS_14_X,
      handler: 'index.main',
      code: lambda.Code.fromAsset(path.join(__dirname, '/../src/my-lambda')),
      // ๐Ÿ‘‡ Revert the Log Retention to Infinite
      logRetention: logs.RetentionDays.INFINITE,
    });
  }
}

Clean up #

To delete the provisioned resources, execute the destroy command:

shell
npx cdk destroy

Further Reading #

Join my newsletter

I'll send you 1 email a week with links to all of the articles I've written that week

Buy Me A Coffee