Take an action when an AWS Logs log group&#39;s retention period is not configured according to the `AWS &gt; Logs &gt; Log Group &gt; Retention &gt; *` policies. The Retention control determines whether the log group has an appropriate retention period configured, and if not, has the ability to update it. When running an automated compliance environment, it&#39;s important to ensure log groups have appropriate retention periods to balance storage costs with compliance requirements. This control checks the status of retention settings for the log group based on the defined period (`AWS &gt; Logs &gt; Log Group &gt; Retention &gt; Period`), raises an alarm, and takes the defined enforcement action. See [Log Group Retention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) for more information.

Take an action when an AWS Logs log group&#39;s retention period is not configured according to the&#92;n`AWS &gt; Logs &gt; Log Group &gt; Retention &gt; *` policies.&#92;n&#92;nThe Retention control determines whether the log group has an appropriate retention period configured,&#92;nand if not, has the ability to update it. When running an automated compliance environment,&#92;nit&#39;s important to ensure log groups have appropriate retention periods to balance storage costs&#92;nwith compliance requirements.&#92;n&#92;nThis control checks the status of retention settings for the log group based on&#92;nthe defined period (`AWS &gt; Logs &gt; Log Group &gt; Retention &gt; Period`), raises an alarm,&#92;nand takes the defined enforcement action.&#92;n&#92;nSee [Log Group Retention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) for more information.&#92;n

AWS > Logs > Log Group > Retention > Period

AWS > Logs > Log Group

AWS > Logs > Log Group > Retention

Azure > Management Group

Azure > Subscription

Azure > Tenant

Turbot > Folder

Turbot

Turbot > IAM > Turbot Identity

Turbot > IAM > Unidentified Identity

Azure > Active Directory > Directory

Kubernetes > Cluster

GCP > Project

GitHub > Repository

AWS > Account

ServiceNow > Instance

Azure > Network Watcher > Network Watcher

Azure > SQL > Database

Azure > SQL > Elastic Pool

Azure > SQL > Managed Instance

Azure > SQL > Server

Azure > Relay > Namespace

Azure > Key Vault > Vault

Azure > Search Management > Search Service

Azure > Automation > Automation Account

Azure > Automation > Runbook

Azure > App Service > App Service Plan

Azure > App Service > Web App

Azure > Resource Group

Azure > SignalR Service > SignalR

Azure > DNS > Zone

Azure > DNS > Record Set

Azure > Storage > Storage Account

Azure > Monitor > Action Group

Azure > Monitor > Metric Alert

Azure > Application Insights > Application Insight

Azure > PostgreSQL > Flexible Server

Azure > PostgreSQL > Server

Azure > Network > Application Security Group

Azure > Network > Express Route Circuits

Azure > Network > Network Interface

Azure > Network > Network Security Group

Azure > Network > Private DNS Zones

Azure > Network > Private Endpoints

Azure > Network > Public IP Address

Azure > Network > Route Table

Azure > Network > Virtual Network

Azure > Network > Virtual Network Gateway

Azure > Network > Private Link Service

Azure > Load Balancer > Load Balancer

Azure > MySQL > Flexible Server

Azure > MySQL > Server [Deprecated]

Azure > Managed Identity > User Assigned Identity

Azure > API Management > API Management Service

Azure > Log Analytics > Log Analytics Workspace

Azure > Recovery Service > Vault

Azure > Synapse Analytics > SQL Pool

Azure > Synapse Analytics > Workspace

Azure > Compute > Availability Set

Azure > Compute > Disk

Azure > Compute > Disk Encryption Set

Azure > Compute > Image

Azure > Compute > Snapshot

Azure > Compute > Ssh Public Key

Azure > Compute > Virtual Machine

Azure > Compute > Virtual Machine Scale Set

Azure > Application Gateway Service > Application Gateway

Azure > Databricks > Workspace

Azure > Data Factory > Factory

Azure > Service Bus > Namespace

Azure > Cosmos DB > Database Account

Azure > Container Registry > Registry

Azure > SQL Virtual Machine Service > SQL Virtual Machine

Azure > AKS > Managed Cluster

Azure > Firewall > Firewall

GCP > BigQuery > Dataset

GCP > BigQuery > Table

GCP > Compute Engine > Disk

GCP > Compute Engine > Image

GCP > Compute Engine > Instance

GCP > Compute Engine > Region Disk

GCP > Compute Engine > Snapshot

GCP > Dataproc > Cluster

GCP > Dataproc > Job

GCP > Dataproc > Workflow Template

GCP > SQL > Instance

GCP > Dataplex > Lake

GCP > Dataplex > Task

GCP > Dataplex > Zone

GCP > Secret Manager > Secret

GCP > Network > Forwarding Rule

GCP > Network > Global Forwarding Rule

GCP > Network > VPN Tunnel

GCP > Bigtable > Instance

GCP > Spanner > Instance

GCP > Vertex AI > Endpoint

GCP > Memorystore > Instance

GCP > Pub/Sub > Snapshot

GCP > Pub/Sub > Subscription

GCP > Pub/Sub > Topic

GCP > Storage > Bucket

GCP > Composer > Environment

GCP > App Engine > Service

GCP > KMS > Crypto Key

GCP > Kubernetes Engine > Region Cluster

GCP > Kubernetes Engine > Zone Cluster

GCP > DNS > Managed Zone

AWS > Resource Access Manager > Resource Share

AWS > Elastic Beanstalk > Application

AWS > Elastic Beanstalk > Environment

AWS > AppStream > Image

AWS > AppStream > Fleet

AWS > AppStream > Image Builder

AWS > IAM > Access Analyzer

GCP > Folder

AWS > EC2 > Instance

AWS > Region

Control: AWS > Logs > Log Group > Retention

Resource Types

Policies

Permissions

Category

In Your Workspace

Developers