Cloudformation:ECS TaskDefinition CloudWatch 日志保留策略
Cloudformation: ECS TaskDefinition CloudWatch logs retention policy
是否可以在 ECS 任务定义中指定 CloudWatch 日志保留策略?
找不到任何关于它的文档。
ServiceTaskDefinition:
Type: AWS::ECS::TaskDefinition
Properties:
ExecutionRoleArn: !GetAtt EcsTaskExecutionRole.Arn
TaskRoleArn: !GetAtt EcsTaskRole.Arn
Cpu: !Ref TaskDefinitionCpu
Memory: !Ref TaskDefinitionMemory
NetworkMode: awsvpc
ContainerDefinitions:
- Name: !Join ['-', ['container', !Ref AWS::StackName]]
Image: !Ref EcrImage
PortMappings:
- ContainerPort: !Ref Port
HostPort: !Ref Port
Protocol: tcp
Essential: true
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group: !Join ['', ['/ecs/', !Ref AWS::StackName]]
awslogs-region: !Ref AWS::Region
awslogs-stream-prefix: ecs
awslogs-create-group: true
# Retention policy ??
There appears to be no support for specifying the retention policy when you "auto create" the log group in the Task Definition. You could however create your log group out of band and let your Task Definition consume it (instead of auto creating it). The retention policy could be defined when you create the log group explicitly (that is, in the AWS::Logs::LogGroup definition). See here.
同意其他答案,即 awslogs options
中没有指定日志保留的选项
我们需要创建并传递它:
CloudwatchLogsGroup:
Type: 'AWS::Logs::LogGroup'
Properties:
LogGroupName: !Sub '${AWS::StackName}-ECSLogGroup'
RetentionInDays: 14
容器定义:
ContainerTaskdefinition:
Type: 'AWS::ECS::TaskDefinition'
Properties:
Family: !Ref 'AWS::StackName'
ExecutionRoleArn: !Ref ECSTaskExecutionRole
TaskRoleArn: !Ref ECSTaskExecutionRole
Cpu: '256'
Memory: 1GB
NetworkMode: awsvpc
RequiresCompatibilities:
- EC2
- FARGATE
ContainerDefinitions:
- Name: !Ref 'AWS::StackName'
Cpu: 256
Essential: 'true'
Image: !Ref Image
Memory: '1024'
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group: !Ref CloudwatchLogsGroup <-- refer to log group
awslogs-region: !Ref 'AWS::Region'
awslogs-stream-prefix: ecs
与支持记录到 CloudWatch 日志的所有其他服务一样,如果您想在日志组上设置 KMS 加密和日志保留等内容,您必须先创建日志组,使用您想要的设置,然后配置记录到该日志组的服务。
是否可以在 ECS 任务定义中指定 CloudWatch 日志保留策略? 找不到任何关于它的文档。
ServiceTaskDefinition:
Type: AWS::ECS::TaskDefinition
Properties:
ExecutionRoleArn: !GetAtt EcsTaskExecutionRole.Arn
TaskRoleArn: !GetAtt EcsTaskRole.Arn
Cpu: !Ref TaskDefinitionCpu
Memory: !Ref TaskDefinitionMemory
NetworkMode: awsvpc
ContainerDefinitions:
- Name: !Join ['-', ['container', !Ref AWS::StackName]]
Image: !Ref EcrImage
PortMappings:
- ContainerPort: !Ref Port
HostPort: !Ref Port
Protocol: tcp
Essential: true
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group: !Join ['', ['/ecs/', !Ref AWS::StackName]]
awslogs-region: !Ref AWS::Region
awslogs-stream-prefix: ecs
awslogs-create-group: true
# Retention policy ??
There appears to be no support for specifying the retention policy when you "auto create" the log group in the Task Definition. You could however create your log group out of band and let your Task Definition consume it (instead of auto creating it). The retention policy could be defined when you create the log group explicitly (that is, in the AWS::Logs::LogGroup definition). See here.
同意其他答案,即 awslogs options
中没有指定日志保留的选项我们需要创建并传递它:
CloudwatchLogsGroup:
Type: 'AWS::Logs::LogGroup'
Properties:
LogGroupName: !Sub '${AWS::StackName}-ECSLogGroup'
RetentionInDays: 14
容器定义:
ContainerTaskdefinition:
Type: 'AWS::ECS::TaskDefinition'
Properties:
Family: !Ref 'AWS::StackName'
ExecutionRoleArn: !Ref ECSTaskExecutionRole
TaskRoleArn: !Ref ECSTaskExecutionRole
Cpu: '256'
Memory: 1GB
NetworkMode: awsvpc
RequiresCompatibilities:
- EC2
- FARGATE
ContainerDefinitions:
- Name: !Ref 'AWS::StackName'
Cpu: 256
Essential: 'true'
Image: !Ref Image
Memory: '1024'
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group: !Ref CloudwatchLogsGroup <-- refer to log group
awslogs-region: !Ref 'AWS::Region'
awslogs-stream-prefix: ecs
与支持记录到 CloudWatch 日志的所有其他服务一样,如果您想在日志组上设置 KMS 加密和日志保留等内容,您必须先创建日志组,使用您想要的设置,然后配置记录到该日志组的服务。