Sign In to the Console
AWS CloudFormation
User Guide (Version )

AWS Documentation » AWS CloudFormation » User Guide » CloudWatch Logs Resource Type Reference » AWS::Logs::LogGroup

AWS::Logs::LogGroup

The AWS::Logs::LogGroup resource specifies a log group. A log group defines common properties for log streams, such as their retention and access control rules. Each log stream must belong to one log group.

You can create up to 5000 log groups per account. You must use the following guidelines when naming a log group:

  • Log group names must be unique within a Region for an AWS account.

  • Log group names can be between 1 and 512 characters long.

  • Log group names consist of the following characters: a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), '/' (forward slash), and '.' (period).

If you associate a AWS Key Management Service (AWS KMS) customer master key (CMK) with the log group, ingested data is encrypted using the CMK. This association is stored as long as the data encrypted with the CMK is still within Amazon CloudWatch Logs. This enables Amazon CloudWatch Logs to decrypt this data whenever it is requested.

If you attempt to associate a CMK with the log group but the CMK doesn't exist or the CMK is disabled, you will receive an InvalidParameterException error.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::Logs::LogGroup",
  "Properties" : {
      "LogGroupName" : String,
      "RetentionInDays" : Integer
    }
}

YAML

Type: AWS::Logs::LogGroup
Properties: 
  LogGroupName: String
  RetentionInDays: Integer

Properties

LogGroupName

The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.

Required: No

Type: String

Minimum: 1

Maximum: 512

Pattern: [\.\-_/#A-Za-z0-9]+

Update requires: Replacement

RetentionInDays

The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653.

Required: No

Type: Integer

Update requires: No interruption

Return Values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource name.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Arn

The ARN of the log group, such as arn:aws:logs:us-west-1:123456789012:log-group:/mystack-testgroup-12ABC1AB12A1:*. .

Examples

Create a Log Group

The following example creates a log group that retains events for 7 days.

JSON

"myLogGroup": {
    "Type": "AWS::Logs::LogGroup",
    "Properties": {
        "RetentionInDays": 7
    }
}

YAML

myLogGroup: 
  Type: AWS::Logs::LogGroup
  Properties: 
  RetentionInDays: 7