add condition to only create flow logs from production VPCs

ministryofjustice · Sep 20, 2024 · ed93af5 · ed93af5
1 parent 13e2417
commit ed93af5
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/terraform/environments/core-vpc/vpc.tf b/terraform/environments/core-vpc/vpc.tf
@@ -91,7 +91,7 @@ module "vpc" {
 
   # VPC Flow Logs
   vpc_flow_log_iam_role       = aws_iam_role.vpc_flow_log.arn
-  flow_log_s3_destination_arn = local.cloudwatch_log_buckets["vpc-flow-logs"]
+  flow_log_s3_destination_arn = local.is-production ? local.cloudwatch_log_buckets["vpc-flow-logs"] : ""
 
   # Variables required for Firehose integration. We are not building this in all environments hence the "build_firehose" condition below.
   build_firehose                 = local.build_firehose