Access logs can't be disabled

[cedric-spinergie]

The issue #115 has been closed too soon, the problem is still present.
As mentioned in #115 (comment), setting stage_access_log_settings = null results in lots of errors:

Logs

╷
│ Error: Attempt to get attribute from null value
│ 
│   on .terraform/modules/api_gateway/main.tf line 413, in resource "aws_cloudwatch_log_group" "this":
│  413:   name              = coalesce(each.value.log_group_name, "/aws/apigateway/${var.name}/${replace(var.stage_name, "$", "")}")
│     ├────────────────
│     │ each.value is null
│ 
│ This value is null, so it does not have any attributes.
╵
╷
│ Error: Attempt to get attribute from null value
│ 
│   on .terraform/modules/api_gateway/main.tf line 414, in resource "aws_cloudwatch_log_group" "this":
│  414:   retention_in_days = each.value.log_group_retention_in_days
│     ├────────────────
│     │ each.value is null
│ 
│ This value is null, so it does not have any attributes.
╵
╷
│ Error: Attempt to get attribute from null value
│ 
│   on .terraform/modules/api_gateway/main.tf line 415, in resource "aws_cloudwatch_log_group" "this":
│  415:   kms_key_id        = each.value.log_group_kms_key_id
│     ├────────────────
│     │ each.value is null
│ 
│ This value is null, so it does not have any attributes.
╵
╷
│ Error: Attempt to get attribute from null value
│ 
│   on .terraform/modules/api_gateway/main.tf line 416, in resource "aws_cloudwatch_log_group" "this":
│  416:   skip_destroy      = each.value.log_group_skip_destroy
│     ├────────────────
│     │ each.value is null
│ 
│ This value is null, so it does not have any attributes.
╵
╷
│ Error: Attempt to get attribute from null value
│ 
│   on .terraform/modules/api_gateway/main.tf line 417, in resource "aws_cloudwatch_log_group" "this":
│  417:   log_group_class   = each.value.log_group_class
│     ├────────────────
│     │ each.value is null
│ 
│ This value is null, so it does not have any attributes.
╵
╷
│ Error: Attempt to get attribute from null value
│ 
│   on .terraform/modules/api_gateway/main.tf line 419, in resource "aws_cloudwatch_log_group" "this":
│  419:   tags = merge(var.tags, each.value.log_group_tags)
│     ├────────────────
│     │ each.value is null
│ 
│ This value is null, so it does not have any attributes.

This line needs to be changed so it doesn't allow creating the resource if the var is null.

In my case, changing the for_each line to add && v != null was enough to fix the problem.

[bryantbiggs]

this doesn't make sense - why are you trying to set it to null instead of using create_log_group = false?

[cedric-spinergie]

this doesn't make sense - why are you trying to set it to null instead of using create_log_group = false?

@bryantbiggs Hello and thanks for replying!

Both result in a config error here. Setting it to null results in the errors I mentioned in my OP.

And setting it to exactly

  stage_access_log_settings = {
    create_log_group = false
  }

generates errors elsewhere:

│ Error: Missing required argument
│ 
│   with module.api_gateway.aws_apigatewayv2_stage.this[0],
│   on .terraform/modules/api_gateway/main.tf line 321, in resource "aws_apigatewayv2_stage" "this":
│  321: resource "aws_apigatewayv2_stage" "this" {
│ 
│ The argument "access_log_settings.0.destination_arn" is required, but no definition was found.

which is expected because create_XXX = false usually means "I'll manage it myself, use mine" which is not the goal right now.
The goal is to entirely bypass and disable everything related to access logs. In the previous issue (#115), that's also what the OP wanted to achieve.

[cedric-spinergie]

@bryantbiggs Any feedback on this?