- Navigation GuideYou are on a Command (operation) page with structural examples. Use the navigation breadcrumb if you would like to return to the Client landing page.
CreateLogGroupCommand
Creates a log group with the specified name. You can create up to 1,000,000 log groups per Region per account.
You must use the following guidelines when naming a log group:
-
Log group names must be unique within a Region for an Amazon Web Services account.
-
Log group names can be between 1 and 512 characters long.
-
Log group names consist of the following characters: a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), '/' (forward slash), '.' (period), and '#' (number sign)
-
Log group names can't start with the string
aws/
When you create a log group, by default the log events in the log group do not expire. To set a retention policy so that events expire and are deleted after a specified time, use PutRetentionPolicy .
If you associate an KMS key with the log group, ingested data is encrypted using the KMS key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs. This enables CloudWatch Logs to decrypt this data whenever it is requested.
If you attempt to associate a KMS key with the log group but the KMS key does not exist or the KMS key is disabled, you receive an InvalidParameterException error.
CloudWatch Logs supports only symmetric KMS keys. Do not associate an asymmetric KMS key with your log group. For more information, see Using Symmetric and Asymmetric Keys .
Example Syntax
Use a bare-bones client and the command you need to make an API call.
import { CloudWatchLogsClient, CreateLogGroupCommand } from "@aws-sdk/client-cloudwatch-logs"; // ES Modules import
// const { CloudWatchLogsClient, CreateLogGroupCommand } = require("@aws-sdk/client-cloudwatch-logs"); // CommonJS import
const client = new CloudWatchLogsClient(config);
const input = { // CreateLogGroupRequest
logGroupName: "STRING_VALUE", // required
kmsKeyId: "STRING_VALUE",
tags: { // Tags
"<keys>": "STRING_VALUE",
},
logGroupClass: "STANDARD" || "INFREQUENT_ACCESS",
};
const command = new CreateLogGroupCommand(input);
const response = await client.send(command);
// {};
CreateLogGroupCommand Input
Parameter | Type | Description |
|---|
Parameter | Type | Description |
|---|---|---|
logGroupNameRequired | string | undefined | A name for the log group. |
kmsKeyId | string | undefined | The Amazon Resource Name (ARN) of the KMS key to use when encrypting log data. For more information, see Amazon Resource Names . |
logGroupClass | LogGroupClass | undefined | Use this parameter to specify the log group class for this log group. There are two classes:
If you omit this parameter, the default of The value of For details about the features supported by each class, see Log classes |
tags | Record<string, string> | undefined | The key-value pairs to use for the tags. You can grant users access to certain log groups while preventing them from accessing other log groups. To do so, tag your groups and use IAM policies that refer to those tags. To assign tags when you create a log group, you must have either the |
CreateLogGroupCommand Output
Parameter | Type | Description |
|---|
Parameter | Type | Description |
|---|---|---|
$metadataRequired | ResponseMetadata | Metadata pertaining to this request. |
Throws
Name | Fault | Details |
|---|
Name | Fault | Details |
|---|---|---|
| InvalidParameterException | client | A parameter is specified incorrectly. |
| LimitExceededException | client | You have reached the maximum number of resources that can be created. |
| OperationAbortedException | client | Multiple concurrent requests to update the same resource were in conflict. |
| ResourceAlreadyExistsException | client | The specified resource already exists. |
| ServiceUnavailableException | server | The service cannot complete the request. |
| CloudWatchLogsServiceException | Base exception class for all service exceptions from CloudWatchLogs service. |