o-nikolas commented on a change in pull request #19022:
URL: https://github.com/apache/airflow/pull/19022#discussion_r738669532
##########
File path: airflow/config_templates/airflow_local_settings.py
##########
@@ -194,13 +193,17 @@
DEFAULT_LOGGING_CONFIG['handlers'].update(S3_REMOTE_HANDLERS)
elif REMOTE_BASE_LOG_FOLDER.startswith('cloudwatch://'):
+ create_log_group = conf.getboolean('logging',
'CREATE_CLOUDWATCH_LOG_GROUP', fallback=True)
+ create_log_stream = conf.getboolean('logging',
'CREATE_CLOUDWATCH_LOG_STREAM', fallback=True)
Review comment:
Also, the log group name is already configurable through the arn. And it
should be harmless for watchtower to attempt to re-create it (it correctly
handles the resource already existing exception). Your original issue was an
authentication issue, not an idempotentcy issue.
The only reason I can think of that you'd ever want to restrict log group
creation is if the aws role/user you are using does not, and _can not,_ have
that policy permission allowed. However the role still needs stream creation
permissions (see above) so I don't see why one would ever restrict log group
creation but not stream creation. It's a _very_ rare case that I don't think is
worth the extra complexity to handle IMHO.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
