Set retention period for CloudWatch Logs

What It Does

Sets the retention period for CloudWatch Logs. This runbook ensures that logs are retained only for the necessary period, helping reduce unnecessary storage costs while keeping essential logs available for compliance or troubleshooting.

Risk and Scope

| Detail | Value |
| --- | --- |
| Risk Level | Low |
| AWS Service Targeted | Amazon CloudWatch |
| Permissions Required | |

Optimization Policies Addressed

This runbook remediates violation tickets triggered by the following policies:

| Policy ID | Policy Name |
| --- | --- |
| cw_103 | CloudWatch log groups should have appropriate log retention period |
| cw_102 | CloudWatch log groups should have a defined retention period |

Risk Mitigation

Risk Mitigation Strategy

How to Install

Refer to the Runbook Setup Guide for steps to install and enable this runbook in your environment.

Runbook Workflow

Step 1: Start

Trigger: Begins the runbook to identify CloudWatch Logs groups and set the retention periods.

Step 2: ValidateRetentionPeriod

Action: Executes a script to validate the current retention period of the CloudWatch Log group to check whether it matches the desired retention configuration.

Step 3: If/Else

Condition: Checks if the retention period needs to be updated.

  1. If a change is required:

    • PutRetentionPolicy: Executes the PutRetentionPolicy action to set the appropriate retention period for the log group.

  2. Else:

    • If no change is needed, the workflow terminates without making any modifications.

See How It Works

Triggering the Runbook

To run this workflow:

1. Locate the Ticket

Identify the ticket associated with the above-mentioned policy violation.

2. Execute the Runbook

Follow the steps described in the Executing a Runbook section to apply this runbook to the ticket.
