Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

How do you encrypt cloudwatch logs?

0

I want to see, if i can enable some sort of encryption in cloudwatch logs. my application running in ecs writes to cloudwatch . how can i enable encryption , such that if logs were read by someone not authorized or hacked, it wouldn't pose any security compromise. once encrypted , how would authorize users view the logs , meaning how would i decrpty it for viewing via console or download it , when needed.

Topics
Management & GovernanceNetworking & Content Delivery
Tags
EncryptionAmazon CloudWatch
Language
English
asked 2 years ago549 views
1 Answer
1

It is very simple. you can use KMS to encrypt couldwatch logs. Please see the documentation below. Basically you will create key, set permissions on the KMS key to allow cloudwatch to use it. Associate the key with the cloudwatch log group. https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html

AWS
EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago
EXPERT
reviewed 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content