Readonly
deploymentReadonly
encryption(OPTIONAL) The encryption configuration of the AWS CloudWatch Logs Group.
CAUTION: If importing an existing AWS CloudWatch Logs Group that has encryption enabled. If specifying the encryption configuration with any KMS parameter under the encryption configuration, Landing Zone Accelerator on AWS will associate a new key with the log group. The same situation is applied for a log group that is created by Landing Zone Accelerator on AWS where specifying a new KMS parameter will update the KMS key used to encrypt the log group. It is recommend to verify if any processes or applications are using the previous key, and has access to the new key before updating.
Readonly
logName of the CloudWatch log group
If importing an existing log group, this must be the name of the group as it exists in your account.
Readonly
log(OPTIONAL) How long, in days, the log contents will be retained.
To retain all logs, set this value to undefined.
undefined
Readonly
termination(OPTIONAL) Set this property to false
if you would like the log group
to be deleted if it is removed from the solution configuration file.
true
Generated using TypeDoc
SecurityConfig / CloudWatchConfig / LogGroupsConfig
CloudWatch log group configuration. Use this configuration to deploy CloudWatch log groups to your environment. You can also import existing log groups into your accelerator configuration. Log groups define groups of log streams that share the same retention, monitoring, and access control settings.
Example
CloudWatch Log Group that is using a CMK that is being managed by Landing Zone Accelerator on AWS.
CloudWatch Log Group that uses the Landing Zone Accelerator on AWS CMK for CloudWatch Logs Groups.
CloudWatch Log Group that uses an existing KMS Key that's not managed by Landing Zone Accelerator on AWS.