使用AWS re:Post即您表示您同意 AWS re:Post 使用条款
AWS re:Postre:Post

Delete CloudWatch Log Groups using AWS Lambda function

0

Hi AWS, I need a lambda function which can delete log group with no retention period and with no KMS key configured

主题
安全、身份和合规性无服务器计算管理与治理
标签
AWS 智能钥匙管理服务AWS LambdaAmazon CloudWatch日志组
语言
English
rePost-User-1680684
已提问 1 年前408 查看次数
2 回答
1
已接受的回答

The following code can be used to delete a log group that is not encrypted by KMS and has no retention period set.

import boto3

def lambda_handler(event, context):

    logs_client = boto3.client('logs')
    response = logs_client.describe_log_groups()

    for log_group in response['logGroups']:
        if 'retentionInDays' not in log_group and 'kmsKeyId' not in log_group:
            log_group_name = log_group['logGroupName']
            logs_client.delete_log_group(logGroupName=log_group_name)

The following is a reference document.
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/logs/client/describe_log_groups.html
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/logs/client/delete_log_group.html

profile picture
专家
Riku_Kobayashi
已回答 1 年前
0

Check this post https://repost.aws/questions/QUHbpGyG6vRCetY14qoNxSWg/delete-cloudwatch-log-groups-using-aws-lambda-function

Manikandan
已回答 1 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则

相关内容