- Newest
- Most votes
- Most comments
Hi,
No, unfortunately it is no possible. According to AWS documentation, you can set the LoggingConfiguration parameter when using UpdateStateMachine, but running executions will continue to use the previous definition and roleArn.
You can check it yourself with the following example that I have prepared. Starting from a Step Function with logging disabled, in the first state a loggroup is created and in the second its own configuration is updated to enable logging on said loggroup. Thus, although both actions are executed correctly, the execution is not logged.
{
"Comment": "A description of my state machine",
"StartAt": "CreateLogGroup",
"States": {
"CreateLogGroup": {
"Type": "Task",
"Next": "UpdateStateMachine",
"Parameters": {
"LogGroupName": "MyTestLogGroup"
},
"Resource": "arn:aws:states:::aws-sdk:cloudwatchlogs:createLogGroup"
},
"UpdateStateMachine": {
"Type": "Task",
"Parameters": {
"StateMachineArn.$": "$$.StateMachine.Id",
"LoggingConfiguration": {
"Destinations": [
{
"CloudWatchLogsLogGroup": {
"LogGroupArn": "arn:aws:logs:<region>:<account-number>:log-group:MyTestLogGroup:*"
}
}
],
"IncludeExecutionData": true,
"Level": "ALL"
}
},
"Resource": "arn:aws:states:::aws-sdk:sfn:updateStateMachine",
"Next": "LogOutput"
},
"LogOutput": {
"Type": "Pass",
"End": true,
"Result": {
"result": "OK"
}
}
}
}
Hello,
The usecase is not at all feasible since, even if the State Machine keeps updating the log group provided in the definition, running executions will continue to use the previous definition and role Arn exclusively.
According to AWS documentation, it is mentioned that to configure logging, you can pass the LoggingConfiguration parameter when using CreateStateMachine or UpdateStateMachine.
I further verified the setup at my end using the example below and found that, while the step function creates a new log group, the logs will only appear in the previous log groups as stated in the previous definition.
You can check it yourself as mentioned with the following example given. Starting from a Step Function with logging disabled, in the first state a log group is created and in the second its own configuration is updated to enable logging on said log group. Thus, although both actions are executed correctly, the execution is not logged and you will see the logs in the previous defined Log group rather than the current one that you mention in the running execution.
{
"Comment": "A description of my state machine",
"StartAt": "CreateLogGroup",
"States": {
"CreateLogGroup": {
"Type": "Task",
"Next": "UpdateStateMachine",
"Parameters": {
"LogGroupName": "MyTestLogGroup"
},
"Resource": "arn:aws:states:::aws-sdk:cloudwatchlogs:createLogGroup"
},
"UpdateStateMachine": {
"Type": "Task",
"Parameters": {
"StateMachineArn.$": "$$.StateMachine.Id",
"LoggingConfiguration": {
"Destinations": [
{
"CloudWatchLogsLogGroup": {
"LogGroupArn": "arn:aws:logs:<region>:<account-number>:log-group:MyTestLogGroup:*"
}
}
],
"IncludeExecutionData": true,
"Level": "ALL"
}
},
"Resource": "arn:aws:states:::aws-sdk:sfn:updateStateMachine",
"Next": "LogOutput"
},
"LogOutput": {
"Type": "Pass",
"End": true,
"Result": {
"result": "OK"
}
}
}
}
Thanks
Relevant content
- asked 7 years ago
- asked 8 months ago
- Accepted Answerasked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 months ago
Thanks a lot Mikel