44

By default when I create a Lambda function, the CloudWatch Log Group is set to Never Expire. Is it possible to set the expiration (saying 14 days) so I don't have to set it manually from the console after creation?

Updated#1

Thanks to @jens walter answer this is a code snippet of how to solve the problem

Resources:
  LambdaFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: index.handler
      Runtime: nodejs6.10
      CodeUri: <your code uri>
      Policies: <your policies> 


  LambdaFunctionLogGroup:
    Type: "AWS::Logs::LogGroup"
    DependsOn: "LambdaFunction"
    Properties: 
      RetentionInDays: 14
      LogGroupName: !Join ["", ["/aws/lambda/", !Ref LambdaFunction]]
Yves M.
  • 29,855
  • 23
  • 108
  • 144
niqui
  • 1,562
  • 1
  • 16
  • 28
  • 2
    Not sure if AWS changed something since snippet was posted but that doesn't work for me. I'm getting `The following resource(s) failed to create: [CloudwatchLogsGroup]. /aws/lambda/cloud-watch-monitoring-log-filter already exists`. – Sergei M Apr 26 '18 at 22:37
  • 2
    the only difference could be that original CFN template didn't contain this log group (therefore log group was created by lambda implicitly). now I'm trying to update CFN stack and trying to add retention for the log group. sadly that approach didn't work – Sergei M Apr 26 '18 at 22:40
  • 2
    try to remove the log group created by lambda using the console and then create the stack using the template, it should work. – niqui Apr 27 '18 at 12:27
  • The likely reason this snippet is not working is because the Lambda function is running before the LogGroup is getting created. When the Lambda function runs it automatically creates a log group with the same name as the LogGroup. In my case the Lambda function was being used as a custom resource and I managed to fix it by using a DependsOn in the CustomResource such that the CustomResource would not be created (which causes the Lambda to run) until the LogGroup was created. – CarlR May 09 '18 at 15:48
  • The solution in "Updated#1" works. This should be marked as the correct answer for the question. – Bruno Negrão Zica Oct 26 '18 at 20:59
  • 1
    There is no need for the "DependsOn" clause, the "!Ref LambdaFunction" already sets a dependency relationship. – Bruno Negrão Zica Oct 26 '18 at 21:47
  • https://stackoverflow.com/questions/39231592/specify-log-group-for-an-aws-lambda – Pat Myron Aug 26 '19 at 17:43
  • I got: /aws/lambda/blah-dev already exists. Any love? – markthegrea Sep 21 '20 at 14:42

4 Answers4

16

If you are creating your Lambda through the console, it is not possible to set the log retention accordingly. It is also not possible to set a default retention for all CloudWatch Logs.

The only way you can influence the log retention is through CloudFormation. In that case, you need to deploy you Lambda through CloudFormation and then you can define a matching LogGroup with a custom retention within that template.

jens walter
  • 13,269
  • 2
  • 56
  • 54
  • 11
    Can you supply an example template snippet? I know how to create a log group (AWS::Logs::LogGroup), but not sure how to connect it to the lambda function. – Mark.ewd Sep 14 '17 at 20:28
  • 1
    As of 2021, There is an option to edit retention via console. cloud watch -> Log Groups -> [your log group]-> actions -> edit retention settings – Anil_M Sep 30 '21 at 19:56
14

You can actually change the log retention time after creating your Lambda in the console, but you need to do it from the CloudWatch console.

If you go to the CloudWatch console and view the Logs (CloudWatch > Log Groups), you will notice that data in the Expire Events After column are links. By clicking on one of those, you can change the expiration.

skresge
  • 157
  • 1
  • 2
  • 6
    I know that you can change the retention time after creation with the console. The idea was not to use the console. – niqui Feb 14 '18 at 23:14
0

As of 2021, There is an option to edit retention via console.

cloud watch -> Log Groups -> [your log group] -> actions -> edit retention settings

Anil_M
  • 10,893
  • 6
  • 47
  • 74
-8

You can use Depends On in CloudFormation. Do something like this:

Resources:
LambdaFunction:
    Type: AWS::Serverless::Function
    DependsOn: LambdaLogGroup
    Properties:
      FunctionName: 'LambdaName'
      Handler: <handlerPath>
      Runtime: java8
      MemorySize: 512
LambdaLogGroup:
       Type: AWS::Logs::LogGroup
       Properties:
             LogGroupName: '/aws/lambda/LambdaLogGroup'
             RetentionInDays: 30
Yves M.
  • 29,855
  • 23
  • 108
  • 144
Kartik Goyal
  • 459
  • 3
  • 15
  • 2
    How does the Lambda Function know to use this newly created log group? – Felipe Alvarez Feb 15 '20 at 09:16
  • @FelipeAlvarez As you can see, in the LambdaFunction block, there is "DependsOn" which reference to "LambdaLogGroup" and hence, Lambda will know to use the newly created log group. – Kartik Goyal Feb 16 '20 at 17:37
  • 10
    The explanation above of `DependsOn` is incorrect. See the docs [here](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html). Its true purpose is to force the creation sequence of the resources within the stack. For the above example `DependsOn` is only forcing the LambdaLogGroup resource to be created first. However, in this example nothing will every be written to it by the lambda. To make it work, you would need to make the following change `LogGroupName: !Sub "/aws/lambda/${LambdaFunction}"` – c0pp3rt0p Feb 26 '20 at 15:54