Merge pull request #12 from ZDF-OSS/feature/add_retention

AyoubUmoru · web-flow · commit 07840a76e599 · 2023-07-05T17:27:29.000+02:00
fix: fix retention is not configurable
diff --git a/API.md b/API.md
diff --git a/README.md b/README.md
@@ -58,12 +58,18 @@ Enabled logging sends all information to the CloudWatch LogGroup.
 Use our construct by installing the module and using our construct in your code:
 
 ```sh
+npm install -g aws-cdk
+npm install aws-cdk-lib 
 npm install cdk-aws-wafv2-geofence-lib
 ```
 **allowedCountiesToAccessService** expects an array of two-character country codes that you want to match against, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard.
 
 When you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.  (https://docs.aws.amazon.com/waf/latest/APIReference/API_GeoMatchStatement.html)
 
+```ts
+  import { CdkWafGeoLib } from 'cdk-aws-wafv2-geofence-lib'
+```
+
 ```ts
    // AWS WAFv2 GeoBlocking CDK Component
     const allowedCountiesToAccessService = ["DE"]
diff --git a/src/index.ts b/src/index.ts
@@ -26,7 +26,7 @@ export interface ICdkWafGeoLibProps {
   enableCloudWatchLogs?: boolean;
   /** Name of the CloudWatch LogGroup where requests are stored. */
   cloudWatchLogGroupName?: string;
-  /** Retention period to keep logs. */
+  /** Retention period to keep logs. ONE_MONTH is default. */
   retentionDays?: RetentionDays;
 
   /** Switch to control if the rule should block or count incomming requests. */
@@ -61,6 +61,8 @@ export class CdkWafGeoLib extends Construct {
   public readonly customResourceResult?: string;
   constructor(scope: Construct, id: string, props: ICdkWafGeoLibProps) {
     super(scope, id);
+    const logRetention = props.retentionDays ?? RetentionDays.ONE_MONTH;
+    const logGroupName = `aws-waf-logs-geo-${props.cloudWatchLogGroupName ?? 'default'}`;
 
     const wafGeoBlocking = new WafRulesGeoBlock( {
       block: ( props.block || props.enableGeoBlocking),
@@ -119,9 +121,9 @@ export class CdkWafGeoLib extends Construct {
       });
 
       const log_group = new cdk.aws_logs.LogGroup(this, 'waf-log-group', {
-        retention: cdk.aws_logs.RetentionDays.ONE_WEEK,
+        retention: logRetention,
         removalPolicy: cdk.RemovalPolicy.DESTROY,
-        logGroupName: `aws-waf-logs-geo-${props.cloudWatchLogGroupName ?? 'default'}`,
+        logGroupName,
       });
 
       customResourceRole.addToPolicy(new PolicyStatement({
