Delete AWS Log Groups bash script

Cloud Technology

The AWS Management Console does not allow you to delete multiple AWS Cloud Watch Log Groups simultaneously. This bash script will help you remove all AWS Cloud Watch Log Groups for a specific AWS region.

The bash script will do the following:

  • Ask the AWS region you want to access.
  • Confirm the Cloud Watch Log Groups that it found in the specified AWS region.
  • Ask if it should delete the mentioned Cloud Watch Log Groups.
  • Delete each Cloud Watch Log Group, if you enter yes.

How to run the Delete AWS Log Groups bash script

First, download the code and extract it to your home directory.

Ensure that the script has execute permissions.

sudo chmod 500 aws.cloudwatch.loggroups.delete.sh

Run the script via bash as root.

sudo ./aws.cloudwatch.loggroups.delete.sh

Example output:

Getting group names...
These log groups will be deleted:
logGroupName
RDSOSMetrics
ap-2a-adonis
ap-2a-adonis/api
ap-2a-adonis/api/5ced914e6e88b
ap-2a-adonis/api/5ced916160eff
Total 324 log groups

Proceed? y
Delete group logGroupName...
Delete group RDSOSMetrics... OK
Delete group ap-2a-adonis... OK
Delete group ap-2a-adonis/api... OK
Delete group ap-2a-adonis/api/5ced914e6e88b... OK
Delete group ap-2a-adonis/api/5ced916160eff... OK

The delete AWS Log Groups bash script will require that you have the AWS CLI tools installed and configured.

The bash script code

aws.cloudwatch.loggroups.delete.sh:

#!/bin/bash
# ---------------------------------------------------------------------------
#
# This bash script will find all the log group names in a specific AWS region.
# It will then delete ALL the log groups in the region if you answer yes.
#
# Note the following assumptions:
# This script assumes you have AWS CLI installed and configured.
#
# Revision history:
# 2019-05-29 Created (v0.1)
#
# Tested on:
# - Ubuntu Server 18.04 (Cloud (AWS)) - 2019-05-29
#
# DISCLAIMER:
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License at <http://www.gnu.org/licenses/> for
# more details.

read -p "Please enter the AWS region [ap-southeast-2]? " region
region=${region:-ap-southeast-2}

echo Getting group names for $region...

LOG_GROUPS=$(
	aws logs describe-log-groups --output table --region $region |
		awk '{print $6}' |
		grep -v ^$ |
		grep -v DescribeLogGroups
)

echo These log groups will be deleted:
printf "${LOG_GROUPS}\n"
echo Total $(wc -l <<<"${LOG_GROUPS}") log groups
echo

while true; do
    read -p "Proceed? [yn]" yn
    case $yn in
    [Yy]*) break ;;
    [Nn]*) exit ;;
    *) echo "Please answer yes or no." ;;
    esac
done

for name in ${LOG_GROUPS}; do
	printf "Delete group ${name}... "
	aws logs delete-log-group --log-group-name ${name} --region $region && echo OK || echo Fail
done

The bash script uses the following AWS CLI commands to list and delete all the Cloud Watch Log Groups.

Describe Log Groups:

The bash script runs the following AWS CLI command: aws logs describe-log-groups.

The describe-log-groups command lists all the log groups that it finds in the specified region. You can list all your log groups or filter the results by prefix (with some modification).

You can describe your log groups manually by using the following example. The example describes a log group called ‘my-logs’. Use the ‘–region’ command to specify a specific AWS Region.

aws logs describe-log-groups --log-group-name-prefix my-logs

Delete Log Group:

The bash script runs the delete-log-group AWS CLI command for each log group, once you confirm the deletion.

The delete-log-group command permanently deletes all the archived log events associated with the log group.

You can remove your log groups manually by using the following example. The example removes a log group called ‘my-logs’. Use the ‘–region’ command to specify a specific AWS Region.

aws logs delete-log-group --log-group-name my-logs

This bash script can be modified easily to support additional use cases. This script was modified based on the delete-log-streams-from-group.sh script provided on Github.

About Anto

Hi, my name is Anto! I am a cloud computing hobbyist! Give me anything to do with the cloud, and I am interested. I work for a Cloud computing company by day and as a Cloud computing hobbyist by night! My projects use PHP, NodeJs, Ubuntu, MySQL and of course Amazon Web Services. Hopefully, my blog aids your cloud journey! Feel free to post a comment and share your thoughts.

View all posts by Anto →

2 Comments on “Delete AWS Log Groups bash script”

Leave a Reply

Your email address will not be published. Required fields are marked *