Learn R
paws.management (version 0.5.0)

cloudwatchlogs_associate_kms_key: Associates the specified KMS key with either one log group in the account, or with all stored CloudWatch Logs query insights results in the account

Description

Associates the specified KMS key with either one log group in the account, or with all stored CloudWatch Logs query insights results in the account.

See https://www.paws-r-sdk.com/docs/cloudwatchlogs_associate_kms_key/ for full documentation.

Usage

cloudwatchlogs_associate_kms_key(
  logGroupName = NULL,
  kmsKeyId,
  resourceIdentifier = NULL
)

Arguments

logGroupName

The name of the log group.

In your associate_kms_key operation, you must specify either the resourceIdentifier parameter or the logGroup parameter, but you can't specify both.

kmsKeyId

[required] The Amazon Resource Name (ARN) of the KMS key to use when encrypting log data. This must be a symmetric KMS key. For more information, see Amazon Resource Names and Using Symmetric and Asymmetric Keys.

resourceIdentifier

Specifies the target for this operation. You must specify one of the following:

  • Specify the following ARN to have future get_query_results operations in this account encrypt the results with the specified KMS key. Replace REGION and ACCOUNT_ID with your Region and account ID.

    arn:aws:logs:REGION:ACCOUNT_ID:query-result:*

  • Specify the ARN of a log group to have CloudWatch Logs use the KMS key to encrypt log events that are ingested and stored by that log group. The log group ARN must be in the following format. Replace REGION and ACCOUNT_ID with your Region and account ID.

    arn:aws:logs:REGION:ACCOUNT_ID:log-group:LOG_GROUP_NAME

In your associate_kms_key operation, you must specify either the resourceIdentifier parameter or the logGroup parameter, but you can't specify both.