Delete CloudWatch Log Groups using AWS Lambda function

The following code can be used to delete a log group that is not encrypted by KMS and has no retention period set.

import boto3

def lambda_handler(event, context):

    logs_client = boto3.client('logs')
    response = logs_client.describe_log_groups()

    for log_group in response['logGroups']:
        if 'retentionInDays' not in log_group and 'kmsKeyId' not in log_group:
            log_group_name = log_group['logGroupName']
            logs_client.delete_log_group(logGroupName=log_group_name)

The following is a reference document.
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/logs/client/describe_log_groups.html
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/logs/client/delete_log_group.html