Resource Type: AWS > Logs > Log Group
The Log Group resource type represents a collection of log streams that share the same retention, monitoring, and access control settings. These can be used to monitor, store, and access log events.
Resource Context
Log Group is a part of the Logs service.
Each Log Group lives under a Region.
Controls
The primary controls for AWS > Logs > Log Group are:
It is also targeted by these controls:
- AWS > HIPAA > Logs > Log group encryption at rest should be enabled
- AWS > HIPAA > Logs > Log group retention period should be at least 365 days
- AWS > Logs > Log Stream > Discovery
- AWS > NIST 800-53 > Logs > Log group encryption at rest should be enabled
- AWS > NIST 800-53 > Logs > Log group retention period should be at least 365 days
Quick Actions
- Delete from AWS
- Set Tags
- Skip alarm for Active control
- Skip alarm for Active control [90 days]
- Skip alarm for Approved control
- Skip alarm for Approved control [90 days]
- Skip alarm for Encryption at Rest control
- Skip alarm for Encryption at Rest control [90 days]
- Skip alarm for Tags control
- Skip alarm for Tags control [90 days]
Category
In Your Workspace
- Controls by Resource Type report
- Policy Settings by Resource Type report
- Resources by Resource Type report
Developers
- tmod:@turbot/aws-logs#/resource/types/logGroup
- tmod:@turbot/turbot#/resource/categories/managementTools
- turbot graphql resource --id "tmod:@turbot/aws-logs#/resource/types/logGroup"
Get Resource- select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/aws-logs#/resource/types/logGroup';
- select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/aws-logs#/resource/types/logGroup"';
- select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/aws-logs#/resource/types/logGroup' and notification_type in ('resource_updated', 'resource_created');
Get ResourceGet Policy Settings (By Resource ID)Get Resource Notification
Resource Type URI
Category URI
GraphQL
CLI
Steampipe Query