Delete CloudWatch Log Groups using AWS Lambda function

Question

Hi AWS,
I need a lambda function which can delete log group with no retention period and with no KMS key configured

Accepted Answer

The following code can be used to delete a log group that is not encrypted by KMS and has no retention period set.  
```
import boto3

def lambda_handler(event, context):

logs_client = boto3.client('logs')
    response = logs_client.describe_log_groups()

for log_group in response['logGroups']:
        if 'retentionInDays' not in log_group and 'kmsKeyId' not in log_group:
            log_group_name = log_group['logGroupName']
            logs_client.delete_log_group(logGroupName=log_group_name)
```

The following is a reference document.  
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/logs/client/describe_log_groups.html  
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/logs/client/delete_log_group.html

Answer

Check this post https://repost.aws/questions/QUHbpGyG6vRCetY14qoNxSWg/delete-cloudwatch-log-groups-using-aws-lambda-function

Delete CloudWatch Log Groups using AWS Lambda function

相關內容