CloudWatch Log Group Has Retention Policy of Specific Days

Overview

Ensure that CloudWatch Log Groups possess a retention policy of a specific number of days. When log groups have a short retention period of fewer than the specified days, essential logs and valuable data may be lost prematurely. To avoid this, implement a Log Retention policy with a specific number of days for the log groups. This will ensure that logs and traces persist for an extended period, providing valuable insights and historical data for analysis and troubleshooting.

Vendor

AWS

Cloud Service

CloudWatch

CloudWatch.16

References

https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_LogGroup.html, https://stackoverflow.com/questions/70244935/set-log-group-retention-policy-to-never-expire-via-clouformation, https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html

Severity

Item Types

AWS::Logs::LogGroup

Overview​

Vendor​

Cloud Service​

Related Controls​

References​

Severity​

Item Types​