Dheeraj Choudhary
Dheeraj Choudhary's Blog

Dheeraj Choudhary's Blog

Set AWS Cloudwatch log groups Retention Policy for all Log using python boto3 script

Dheeraj Choudhary
·Sep 3, 2021·

2 min read

Set AWS Cloudwatch log groups Retention Policy for all Log  using python boto3 script

Subscribe to my newsletter and never miss my upcoming articles

Play this article

Table of contents

  • Prerequisite
  • Python Boto3 Script
  • Conclusion

In this blog we will write python script using boto3 which will set retention policy for all existing log groups which are already created in the account at one go.

Prerequisite

An AWS Account An IAM User with:

  • AWS Management Console access to verify your EC2 instances launched,listed and terminated.
  • The IAM permissions required to perform IAM, EC2, and CloudWatch activities. IAM policy creation and AWS Application Programming Interface (API) permissions are outside this article’s scope. Always adhere to the principle of least privilege when authorizing accounts to perform actions. Administrative access to an EC2 Instance.
  • Install awscli using aws official documentation here
  • Install python and boto3
  • Configure aws cli by using official documentation here

Boto3

Boto3 is the name of the Python SDK for AWS. It allows you to directly create, update, and delete AWS resources from your Python scripts.

Python Boto3 Script

  1. Python code in one module gains access to the code in another module by the process of importing it. The import statement combines two operations; it searches for the named module, then it binds the results of that search to a name in the local scope.
    import boto3
    
  2. We will invoke the client for logs
    client = boto3.client('logs')
    
  3. To describe log groups we have to use method "describe_log_groups()". This method helps us describe log groups already created in your account.
    Goto link where you will find all parameters and filter list. Based on your requirement you can use it to describe your logs. This document also mentions datatype of the parameter.
    response = client.describe_log_groups()
    
  4. Create an empty list in which we will save the list of log group names existing.
    newlist=[]
    
  5. Now we will traverse the dict using for loop to save the log groups name for which we need to set the retention policy.
    for logs in response['logGroups']:
     newlist.append(logs['logGroupName'])
    
  6. Now we will use method "put_retention_policy()" to set retention day for all log groups name from our list "newlist" and will print the output. Make sure to check official documentation here
    for i in newlist:
     log=client.put_retention_policy(
         logGroupName=i,
         retentionInDays=30
     )
     print(log)
    
    To view entire github code please click here

Conclusion

Boto3 provided inbuild methods for AWS resources using which many task can be automated by writing a python script.

Stay tuned for my next blog.....

So, did you find my content helpful? If you did or like my other content, feel free to buy me a coffee. Thanks.

Did you find this article valuable?

Support Dheeraj Choudhary by becoming a sponsor. Any amount is appreciated!

See recent sponsors Learn more about Hashnode Sponsors
 
Share this