Take an action when an AWS Logs log group&#39;s retention period is not configured according to the `AWS &gt; Logs &gt; Log Group &gt; Retention &gt; *` policies. The Retention control determines whether the log group has an appropriate retention period configured, and if not, has the ability to update it. When running an automated compliance environment, it&#39;s important to ensure log groups have appropriate retention periods to balance storage costs with compliance requirements. This control checks the status of retention settings for the log group based on the defined period (`AWS &gt; Logs &gt; Log Group &gt; Retention &gt; Period`), raises an alarm, and takes the defined enforcement action. See [Log Group Retention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) for more information.

Take an action when an AWS Logs log group&#39;s retention period is not configured according to the&#92;n`AWS &gt; Logs &gt; Log Group &gt; Retention &gt; *` policies.&#92;n&#92;nThe Retention control determines whether the log group has an appropriate retention period configured,&#92;nand if not, has the ability to update it. When running an automated compliance environment,&#92;nit&#39;s important to ensure log groups have appropriate retention periods to balance storage costs&#92;nwith compliance requirements.&#92;n&#92;nThis control checks the status of retention settings for the log group based on&#92;nthe defined period (`AWS &gt; Logs &gt; Log Group &gt; Retention &gt; Period`), raises an alarm,&#92;nand takes the defined enforcement action.&#92;n&#92;nSee [Log Group Retention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) for more information.&#92;n

AWS > Logs > Log Group > Retention > Period

AWS > Logs > Log Group

AWS > Logs > Log Group > Retention

Azure > Management Group

Azure > Subscription

Azure > Tenant

Turbot > Folder

Turbot

Turbot > IAM > Turbot Identity

Turbot > IAM > Unidentified Identity

Azure > Active Directory > Directory

Kubernetes > Cluster

GCP > Project

AWS > Account

ServiceNow > Instance

GitHub > Repository

GCP > Kubernetes Engine > Region Cluster

GCP > Kubernetes Engine > Zone Cluster

GCP > BigQuery > Dataset

GCP > BigQuery > Table

GCP > SQL > Instance

GCP > Bigtable > Instance

GCP > Dataplex > Lake

GCP > Dataplex > Task

GCP > Dataplex > Zone

GCP > Memorystore > Instance

GCP > App Engine > Service

GCP > Vertex AI > Endpoint

GCP > Pub/Sub > Snapshot

GCP > Pub/Sub > Subscription

GCP > Pub/Sub > Topic

GCP > Spanner > Instance

GCP > DNS > Managed Zone

GCP > KMS > Crypto Key

GCP > Composer > Environment

GCP > Secret Manager > Secret

GCP > Network > Forwarding Rule

GCP > Network > Global Forwarding Rule

GCP > Network > VPN Tunnel

GCP > Storage > Bucket

GCP > Compute Engine > Disk

GCP > Compute Engine > Image

GCP > Compute Engine > Instance

GCP > Compute Engine > Region Disk

GCP > Compute Engine > Snapshot

GCP > Dataproc > Cluster

GCP > Dataproc > Job

GCP > Dataproc > Workflow Template

AWS > Lambda > Function

AWS > VPC > Flow Log

AWS > VPC > Network ACL

AWS > VPC > Security Group

AWS > VPC > Security Group Rule

AWS > Route 53 Resolver > Resolver Rule

AWS > Route 53 Resolver > Resolver Endpoint

AWS > Route 53 > Hosted Zone

AWS > Batch > Compute Environment

AWS > Batch > Job Queue

AWS > Elasticsearch > Domain

AWS > CodeCommit > Repository

AWS > GuardDuty > Detector

AWS > GuardDuty > IPSet

AWS > GuardDuty > ThreatIntelSet

AWS > Neptune > DB Instance

AWS > Neptune > DB Cluster

AWS > SNS > Topic

AWS > SNS > Topic Policy

AWS > EKS > Cluster

AWS > EKS > Node Group

AWS > Direct Connect > Connection

AWS > Direct Connect > Lag

AWS > Direct Connect > Virtual Interface

AWS > CloudTrail > Trail

AWS > Lightsail > Relational Database

AWS > Lightsail > Instance

AWS > Lightsail > Load Balancer

AWS > RDS > DB Cluster

AWS > RDS > DB Cluster Parameter Group

AWS > RDS > DB Cluster Snapshot [Manual]

AWS > RDS > DB Instance

AWS > RDS > DB Parameter Group

AWS > RDS > DB Snapshot [Manual]

AWS > RDS > Option Group

AWS > RDS > Subnet Group

AWS > WAF > Rule Group v2 Global

AWS > WAF > Web ACL [Deprecated]

AWS > WAF > Web ACL v2 Regional

AWS > WAF > Web ACL v2 Global

AWS > WAF > Regex Pattern Set v2 Regional

AWS > WAF > Rule Group v2 Regional

AWS > WAF > Regex Pattern Set v2 Global

AWS > WAF > IP Set v2 Regional

AWS > WAF > IP Set v2 Global

AWS > ACM > Certificate

AWS > Inspector > Assessment Template

AWS > Amazon MQ > Broker

AWS > Amazon MQ > Configuration

AWS > KMS > Key

AWS > Config > Rule

AWS > Storage Gateway > File Share

AWS > Storage Gateway > Gateway

AWS > Storage Gateway > Tape Pool

AWS > Storage Gateway > Tape

AWS > Storage Gateway > Volume

AWS > WorkSpaces > WorkSpace

AWS > CodeBuild > Project

AWS > CodeBuild > Source Credential

AWS > App Mesh > Mesh

AWS > Amplify > App

AWS > VPC > VPC

AWS > VPC > Subnet

AWS > VPC > Route Table

AWS > VPC > DHCP Options

AWS > EFS > FileSystem

GCP > Folder

AWS > Region

AWS > EC2 > Instance

Azure > Resource Group

Control: AWS > Logs > Log Group > Retention

Resource Types

Policies

Permissions

Category

In Your Workspace

Developers