CloudWatch
LogGroups
In CloudWatch, log groups settings can contribute to unnecessary resource wastage, especially when they are never expiring.
It's important to regularly audit these log groups, as retaining logs indefinitely can lead to excessive and unneeded storage costs.
The best practice is to set appropriate retention policies for most log groups, tailoring them to the specific needs of each application or service.
However, there are exceptions, such as CloudTrail log groups and VPC Flow Logs, which are often retained for long-term due to their critical role in security and compliance.
By selectively applying long-term retention to these key log groups and setting expiration policies for others, organizations can effectively manage their log storage, ensuring cost-efficiency while maintaining essential data for security and compliance purposes.