2 Answers
- Newest
- Most votes
- Most comments
1
The following code can be used to delete a log group that is not encrypted by KMS and has no retention period set.
import boto3
def lambda_handler(event, context):
logs_client = boto3.client('logs')
response = logs_client.describe_log_groups()
for log_group in response['logGroups']:
if 'retentionInDays' not in log_group and 'kmsKeyId' not in log_group:
log_group_name = log_group['logGroupName']
logs_client.delete_log_group(logGroupName=log_group_name)
The following is a reference document.
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/logs/client/describe_log_groups.html
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/logs/client/delete_log_group.html
0
Check this post https://repost.aws/questions/QUHbpGyG6vRCetY14qoNxSWg/delete-cloudwatch-log-groups-using-aws-lambda-function
answered a year ago
Relevant content
- asked a year ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago