Associate an AWS KMS key with a CloudWatch Logs log group using an AWS SDK - AWS SDK Code Examples

There are more AWS SDK examples available in the AWS Doc SDK Examples GitHub repo.

Associate an AWS KMS key with a CloudWatch Logs log group using an AWS SDK

The following code example shows how to associate an AWS KMS key with an existing CloudWatch Logs log group.


There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

using System; using System.Threading.Tasks; using Amazon.CloudWatchLogs; using Amazon.CloudWatchLogs.Model; /// <summary> /// Shows how to associate an AWS Key Management Service (AWS KMS) key with /// an Amazon CloudWatch Logs log group. The example was created using the /// AWS SDK for .NET version 3.7 and .NET Core 5.0. /// </summary> public class AssociateKmsKey { public static async Task Main() { // This client object will be associated with the same AWS Region // as the default user on this system. If you need to use a // different AWS Region, pass it as a parameter to the client // constructor. var client = new AmazonCloudWatchLogsClient(); string kmsKeyId = "arn:aws:kms:us-west-2:<account-number>:key/7c9eccc2-38cb-4c4f-9db3-766ee8dd3ad4"; string groupName = "cloudwatchlogs-example-loggroup"; var request = new AssociateKmsKeyRequest { KmsKeyId = kmsKeyId, LogGroupName = groupName, }; var response = await client.AssociateKmsKeyAsync(request); if (response.HttpStatusCode == System.Net.HttpStatusCode.OK) { Console.WriteLine($"Successfully associated KMS key ID: {kmsKeyId} with log group: {groupName}."); } else { Console.WriteLine("Could not make the association between: {kmsKeyId} and {groupName}."); } } }