diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json new file mode 100644 index 0000000000000..2af610f0d4a39 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "IntegDefaultTestDeployAssert4E6713E1.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/IntegDefaultTestDeployAssert4E6713E1.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/cdk-integ-opensearch-with-logging-disabled.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/cdk-integ-opensearch-with-logging-disabled.assets.json new file mode 100644 index 0000000000000..b46fb3b2b28a2 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/cdk-integ-opensearch-with-logging-disabled.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "415ec226ad6b4b9ef60a562147e766bbbb20cee0dbafabba072b480f5be4521e": { + "source": { + "path": "cdk-integ-opensearch-with-logging-disabled.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "415ec226ad6b4b9ef60a562147e766bbbb20cee0dbafabba072b480f5be4521e.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/cdk-integ-opensearch-with-logging-disabled.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/cdk-integ-opensearch-with-logging-disabled.template.json new file mode 100644 index 0000000000000..e40bf735f746d --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/cdk-integ-opensearch-with-logging-disabled.template.json @@ -0,0 +1,82 @@ +{ + "Resources": { + "Domain66AC69E0": { + "Type": "AWS::OpenSearchService::Domain", + "Properties": { + "ClusterConfig": { + "DedicatedMasterEnabled": false, + "InstanceCount": 1, + "InstanceType": "r5.large.search", + "MultiAZWithStandbyEnabled": false, + "ZoneAwarenessEnabled": false + }, + "DomainEndpointOptions": { + "EnforceHTTPS": false, + "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" + }, + "EBSOptions": { + "EBSEnabled": true, + "VolumeSize": 10, + "VolumeType": "gp2" + }, + "EncryptionAtRestOptions": { + "Enabled": false + }, + "EngineVersion": "OpenSearch_2.11", + "LogPublishingOptions": { + "SEARCH_SLOW_LOGS": { + "Enabled": false + }, + "INDEX_SLOW_LOGS": { + "Enabled": false + }, + "ES_APPLICATION_LOGS": { + "Enabled": false + }, + "AUDIT_LOGS": { + "Enabled": false + } + }, + "NodeToNodeEncryptionOptions": { + "Enabled": false + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/integ.json new file mode 100644 index 0000000000000..6da636c654237 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.0", + "testCases": { + "Integ/DefaultTest": { + "stacks": [ + "cdk-integ-opensearch-with-logging-disabled" + ], + "assertionStack": "Integ/DefaultTest/DeployAssert", + "assertionStackName": "IntegDefaultTestDeployAssert4E6713E1" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/manifest.json new file mode 100644 index 0000000000000..22189f0b3cf1b --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/manifest.json @@ -0,0 +1,113 @@ +{ + "version": "36.0.0", + "artifacts": { + "cdk-integ-opensearch-with-logging-disabled.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "cdk-integ-opensearch-with-logging-disabled.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "cdk-integ-opensearch-with-logging-disabled": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "cdk-integ-opensearch-with-logging-disabled.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/415ec226ad6b4b9ef60a562147e766bbbb20cee0dbafabba072b480f5be4521e.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "cdk-integ-opensearch-with-logging-disabled.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "cdk-integ-opensearch-with-logging-disabled.assets" + ], + "metadata": { + "/cdk-integ-opensearch-with-logging-disabled/Domain/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Domain66AC69E0" + } + ], + "/cdk-integ-opensearch-with-logging-disabled/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/cdk-integ-opensearch-with-logging-disabled/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "cdk-integ-opensearch-with-logging-disabled" + }, + "IntegDefaultTestDeployAssert4E6713E1.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "IntegDefaultTestDeployAssert4E6713E1.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "IntegDefaultTestDeployAssert4E6713E1": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "IntegDefaultTestDeployAssert4E6713E1.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "IntegDefaultTestDeployAssert4E6713E1.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "IntegDefaultTestDeployAssert4E6713E1.assets" + ], + "metadata": { + "/Integ/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/Integ/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "Integ/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/tree.json new file mode 100644 index 0000000000000..4164a22f7ead6 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.js.snapshot/tree.json @@ -0,0 +1,161 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "cdk-integ-opensearch-with-logging-disabled": { + "id": "cdk-integ-opensearch-with-logging-disabled", + "path": "cdk-integ-opensearch-with-logging-disabled", + "children": { + "Domain": { + "id": "Domain", + "path": "cdk-integ-opensearch-with-logging-disabled/Domain", + "children": { + "Resource": { + "id": "Resource", + "path": "cdk-integ-opensearch-with-logging-disabled/Domain/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::OpenSearchService::Domain", + "aws:cdk:cloudformation:props": { + "clusterConfig": { + "dedicatedMasterEnabled": false, + "instanceCount": 1, + "instanceType": "r5.large.search", + "multiAzWithStandbyEnabled": false, + "zoneAwarenessEnabled": false + }, + "domainEndpointOptions": { + "enforceHttps": false, + "tlsSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" + }, + "ebsOptions": { + "ebsEnabled": true, + "volumeSize": 10, + "volumeType": "gp2" + }, + "encryptionAtRestOptions": { + "enabled": false + }, + "engineVersion": "OpenSearch_2.11", + "logPublishingOptions": { + "SEARCH_SLOW_LOGS": { + "enabled": false + }, + "INDEX_SLOW_LOGS": { + "enabled": false + }, + "ES_APPLICATION_LOGS": { + "enabled": false + }, + "AUDIT_LOGS": { + "enabled": false + } + }, + "nodeToNodeEncryptionOptions": { + "enabled": false + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_opensearchservice.CfnDomain", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_opensearchservice.Domain", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "cdk-integ-opensearch-with-logging-disabled/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "cdk-integ-opensearch-with-logging-disabled/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "Integ": { + "id": "Integ", + "path": "Integ", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "Integ/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "Integ/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "Integ/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "Integ/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "Integ/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.ts new file mode 100644 index 0000000000000..7ebaaa8d1e056 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-opensearchservice/test/integ.opensearch.disable-logging.ts @@ -0,0 +1,29 @@ +import { App, RemovalPolicy, Stack, StackProps } from 'aws-cdk-lib'; +import { Construct } from 'constructs'; +import * as opensearch from 'aws-cdk-lib/aws-opensearchservice'; + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + const domainProps: opensearch.DomainProps = { + version: opensearch.EngineVersion.OPENSEARCH_2_11, + removalPolicy: RemovalPolicy.DESTROY, + logging: { + auditLogEnabled: false, + appLogEnabled: false, + slowIndexLogEnabled: false, + slowSearchLogEnabled: false, + }, + capacity: { + multiAzWithStandbyEnabled: false, + }, + }; + + new opensearch.Domain(this, 'Domain', domainProps); + } +} + +const app = new App(); +new TestStack(app, 'cdk-integ-opensearch-with-logging-disabled'); +app.synth(); \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-opensearchservice/lib/domain.ts b/packages/aws-cdk-lib/aws-opensearchservice/lib/domain.ts index be08ca406d525..7a6a6bd0ad5f5 100644 --- a/packages/aws-cdk-lib/aws-opensearchservice/lib/domain.ts +++ b/packages/aws-cdk-lib/aws-opensearchservice/lib/domain.ts @@ -1724,6 +1724,7 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { // Setup logging const logGroups: logs.ILogGroup[] = []; + const logPublishing: Record = {}; if (props.logging?.slowSearchLogEnabled) { this.slowSearchLogGroup = props.logging.slowSearchLogGroup ?? @@ -1732,6 +1733,14 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { }); logGroups.push(this.slowSearchLogGroup); + logPublishing.SEARCH_SLOW_LOGS = { + enabled: true, + cloudWatchLogsLogGroupArn: this.slowSearchLogGroup.logGroupArn, + }; + } else if (props.logging?.slowSearchLogEnabled === false) { + logPublishing.SEARCH_SLOW_LOGS = { + enabled: false, + }; }; if (props.logging?.slowIndexLogEnabled) { @@ -1741,6 +1750,14 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { }); logGroups.push(this.slowIndexLogGroup); + logPublishing.INDEX_SLOW_LOGS = { + enabled: true, + cloudWatchLogsLogGroupArn: this.slowIndexLogGroup.logGroupArn, + }; + } else if (props.logging?.slowIndexLogEnabled === false) { + logPublishing.INDEX_SLOW_LOGS = { + enabled: false, + }; }; if (props.logging?.appLogEnabled) { @@ -1750,6 +1767,14 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { }); logGroups.push(this.appLogGroup); + logPublishing.ES_APPLICATION_LOGS = { + enabled: true, + cloudWatchLogsLogGroupArn: this.appLogGroup.logGroupArn, + }; + } else if (props.logging?.appLogEnabled === false) { + logPublishing.ES_APPLICATION_LOGS = { + enabled: false, + }; }; if (props.logging?.auditLogEnabled) { @@ -1759,6 +1784,14 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { }); logGroups.push(this.auditLogGroup); + logPublishing.AUDIT_LOGS = { + enabled: true, + cloudWatchLogsLogGroupArn: this.auditLogGroup?.logGroupArn, + }; + } else if (props.logging?.auditLogEnabled === false) { + logPublishing.AUDIT_LOGS = { + enabled: false, + }; }; let logGroupResourcePolicy: LogGroupResourcePolicy | null = null; @@ -1779,36 +1812,6 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { }); } - const logPublishing: Record = {}; - - if (this.appLogGroup) { - logPublishing.ES_APPLICATION_LOGS = { - enabled: true, - cloudWatchLogsLogGroupArn: this.appLogGroup.logGroupArn, - }; - } - - if (this.slowSearchLogGroup) { - logPublishing.SEARCH_SLOW_LOGS = { - enabled: true, - cloudWatchLogsLogGroupArn: this.slowSearchLogGroup.logGroupArn, - }; - } - - if (this.slowIndexLogGroup) { - logPublishing.INDEX_SLOW_LOGS = { - enabled: true, - cloudWatchLogsLogGroupArn: this.slowIndexLogGroup.logGroupArn, - }; - } - - if (this.auditLogGroup) { - logPublishing.AUDIT_LOGS = { - enabled: this.auditLogGroup != null, - cloudWatchLogsLogGroupArn: this.auditLogGroup?.logGroupArn, - }; - } - let customEndpointCertificate: acm.ICertificate | undefined; if (props.customEndpoint) { if (props.customEndpoint.certificate) { diff --git a/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts b/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts index 4c10e6868b70c..4c7796fe3e5ea 100644 --- a/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts +++ b/packages/aws-cdk-lib/aws-opensearchservice/test/domain.test.ts @@ -846,6 +846,90 @@ each([testedOpenSearchVersions]).describe('log groups', (engineVersion) => { }, }); }); + + test('can disable application logs', () => { + new Domain(stack, 'Domain1', { + version: engineVersion, + logging: { + appLogEnabled: false, + }, + }); + + Template.fromStack(stack).resourceCountIs('Custom::CloudwatchLogResourcePolicy', 0); + Template.fromStack(stack).hasResourceProperties('AWS::OpenSearchService::Domain', { + LogPublishingOptions: { + ES_APPLICATION_LOGS: { + Enabled: false, + }, + AUDIT_LOGS: Match.absent(), + SEARCH_SLOW_LOGS: Match.absent(), + INDEX_SLOW_LOGS: Match.absent(), + }, + }); + }); + + test('can disable audit logs', () => { + new Domain(stack, 'Domain1', { + version: engineVersion, + logging: { + auditLogEnabled: false, + }, + }); + + Template.fromStack(stack).resourceCountIs('Custom::CloudwatchLogResourcePolicy', 0); + Template.fromStack(stack).hasResourceProperties('AWS::OpenSearchService::Domain', { + LogPublishingOptions: { + ES_APPLICATION_LOGS: Match.absent(), + AUDIT_LOGS: { + Enabled: false, + }, + SEARCH_SLOW_LOGS: Match.absent(), + INDEX_SLOW_LOGS: Match.absent(), + }, + }); + }); + + test('can disable slow search logs', () => { + new Domain(stack, 'Domain1', { + version: engineVersion, + logging: { + slowSearchLogEnabled: false, + }, + }); + + Template.fromStack(stack).resourceCountIs('Custom::CloudwatchLogResourcePolicy', 0); + Template.fromStack(stack).hasResourceProperties('AWS::OpenSearchService::Domain', { + LogPublishingOptions: { + ES_APPLICATION_LOGS: Match.absent(), + AUDIT_LOGS: Match.absent(), + SEARCH_SLOW_LOGS: { + Enabled: false, + }, + INDEX_SLOW_LOGS: Match.absent(), + }, + }); + }); + + test('can disable slow index logs', () => { + new Domain(stack, 'Domain1', { + version: engineVersion, + logging: { + slowIndexLogEnabled: false, + }, + }); + + Template.fromStack(stack).resourceCountIs('Custom::CloudwatchLogResourcePolicy', 0); + Template.fromStack(stack).hasResourceProperties('AWS::OpenSearchService::Domain', { + LogPublishingOptions: { + ES_APPLICATION_LOGS: Match.absent(), + AUDIT_LOGS: Match.absent(), + SEARCH_SLOW_LOGS: Match.absent(), + INDEX_SLOW_LOGS: { + Enabled: false, + }, + }, + }); + }); }); each(testedOpenSearchVersions).describe('grants', (engineVersion) => {