feat(logs): enabling IA log group creation in CN and GovCloud regions (…

…aws#30904) ### Reason for this change CloudwatchLogs recently launched support for Infrequent Access Log Group Class in china and gov cloud regions. We are adding support in CDK to use this feature. ### Description of changes Added LogGroup Class attribute support in CDK for China and GovCloud regions. This feature is already launched by CWL in china and gov-cloud regions. This PR would add CDK support for the same. ### Description of how you validated changes This feature is already has integ test coverage in commercial region. We have validated the feature on service side already. ### Checklist - [-] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
obraafo · Jul 25, 2024 · 618269e · 618269e
1 parent b5e45b6
commit 618269e
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/packages/aws-cdk-lib/aws-logs/README.md b/packages/aws-cdk-lib/aws-logs/README.md
@@ -40,6 +40,16 @@ publish their log group to a specific region, such as AWS Chatbot creating a log
 
 By default, the log group created by LogRetention will be retained after the stack is deleted. If the RemovalPolicy is set to DESTROY, then the log group will be deleted when the stack is deleted.
 
+## Log Group Class
+
+CloudWatch Logs offers two classes of log groups:
+
+1. The CloudWatch Logs Standard log class is a full-featured option for logs that require real-time monitoring or logs that you access frequently.
+
+2. The CloudWatch Logs Infrequent Access log class is a new log class that you can use to cost-effectively consolidate your logs. This log class offers a subset of CloudWatch Logs capabilities including managed ingestion, storage, cross-account log analytics, and encryption with a lower ingestion price per GB. The Infrequent Access log class is ideal for ad-hoc querying and after-the-fact forensic analysis on infrequently accessed logs.
+
+For more details please check: [log group class documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)
+
 ## Resource Policy
 
 CloudWatch Resource Policies allow other AWS services or IAM Principals to put log events into the log groups.

diff --git a/packages/aws-cdk-lib/aws-logs/lib/log-group.ts b/packages/aws-cdk-lib/aws-logs/lib/log-group.ts
@@ -520,13 +520,9 @@ export class LogGroup extends LogGroupBase {
     let logGroupClass = props.logGroupClass;
     const stack = Stack.of(scope);
     const logGroupClassUnsupportedRegions = [
-      'cn-north-1', // BJS
-      'cn-northwest-1', // ZHY
       'us-iso-west-1', // APA
       'us-iso-east-1', // DCA
       'us-isob-east-1', // LCK
-      'us-gov-west-1', // PDT
-      'us-gov-east-1', // OSU
     ];
     if (logGroupClass !== undefined && !Token.isUnresolved(stack.region) && logGroupClassUnsupportedRegions.includes(stack.region)) {
       Annotations.of(this).addWarningV2('@aws-cdk/aws-logs:propertyNotSupported', `The LogGroupClass property is not supported in the following regions: ${logGroupClassUnsupportedRegions}`);