CloudWatch group not destroying

[dspv]

Description

When destroy Lambda - CloudWatch log group is not destroyed

• ✋ I have searched the open/closed issues and my issue is not listed.

⚠️ Note

Before you submit an issue, please perform the following first:

1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
2. Re-initialize the project root to pull down modules: terraform init
3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

• Module version [Required]: 7.2.6

• Terraform version:

Terraform v1.5.5
on darwin_arm64
+ provider registry.terraform.io/hashicorp/aws v5.47.0
+ provider registry.terraform.io/hashicorp/external v2.3.3
+ provider registry.terraform.io/hashicorp/local v2.5.1
+ provider registry.terraform.io/hashicorp/null v3.2.2
+ provider registry.terraform.io/hashicorp/time v0.11.1
+ provider registry.terraform.io/integrations/github v5.45.0
+ provider registry.terraform.io/logdna/logdna v1.16.0

Your version of Terraform is out of date! The latest version
is 1.8.2. You can update by downloading from https://www.terraform.io/downloads.html

Reproduction Code [Required]

module mezmo_lambda {
  source  = "terraform-aws-modules/lambda/aws"
  version = "~> 7.0"

  function_name                       = "usw2-dev-ptest-1mezmo-lambda"
  description                         = "Push logs CloudWatch -> Mezmo for usw2-dev-ptest1"
  handler                             = "index.handler"
  runtime                             = "nodejs20.x"
  timeout                             = 10
  memory_size                         = 256
  maximum_retry_attempts              = 0
  create_package                      = false
  local_existing_package              = "${path.module}/lambda-logdna-cloudwatch-to-s3.zip"
  tags                                = var.standard_tags
  cloudwatch_logs_retention_in_days   = 3

  environment_variables = {
    LOGDNA_KEY          = <SECRET>
    LOGDNA_TAGS         = "usw2-dev-ptest"
    LOG_RAW_EVENT       = "yes"
  }
}

Steps to reproduce the behavior:

NO

YES

Just run terraform apply

Expected behavior

When applying once again I want to see everything is applied correctly

Actual behavior

│ Error: creating CloudWatch Logs Log Group (/aws/lambda/usw2-dev-ptest1-mezmo-lambda): operation error CloudWatch Logs: CreateLogGroup, https response error StatusCode: 400, RequestID: 99b8bbdf-cb2b-4a80-967b-7a141a40d70d, ResourceAlreadyExistsException: The specified log group already exists
│
│   with module.environment.module.mezmo_lambda.aws_cloudwatch_log_group.lambda[0],
│   on .terraform/modules/environment.mezmo_lambda/main.tf line 218, in resource "aws_cloudwatch_log_group" "lambda":
│  218: resource "aws_cloudwatch_log_group" "lambda" {
│
╵

[antonbabenko]

If the Log Group is not empty, it won't be deleted, and you need to specify use_existing_cloudwatch_log_group = true.

It would be great if there is a way to configure skip_destroy argument to be able to manage the lifecycle of log groups as well. Pull-request is welcome!

[antonbabenko]

This issue has been resolved in version 7.4.0 🎉

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.