Automating AWS CloudWatch Log Group Tagging with Python and Boto3
Managing tags for AWS CloudWatch log groups is crucial for operational visibility, cost management, and effective resource organization. Tagging log groups manually can be cumbersome, especially when dealing with a large number of log groups. This article outlines a straightforward method to automate this task using Python and the AWS SDK for Python (Boto3).
Importance of Automating CloudWatch Log Group Tagging
Automation ensures:
- Consistent tagging across your AWS resources.
- Reduced manual effort and human errors.
- Enhanced ability to track costs and usage accurately.
Prerequisites
- Python 3 installed
- AWS CLI configured with appropriate permissions
- Boto3 (
pip install boto3) - IAM permissions:
logs:DescribeLogGroupslogs:ListTagsLogGrouplogs:TagLogGroup
Python Script for Tagging CloudWatch Log Groups
Below is a Python script that automatically applies specific tags to AWS CloudWatch log groups that currently have no tags.
Python Script
import boto3
AWS_REGION = ‘us-east-1’ # Replace with your region
Tags to apply
TAGS_TO_APPLY = {
‘deployed_via’: ‘manual’,
’env_name’: ‘development’,
‘projectid’: ‘ID-12345’,
}
def tag_cloudwatch_log_groups():
logs_client = boto3.client(’logs’, region_name=AWS_REGION)
paginator = logs_client.get_paginator('describe_log_groups')
for page in paginator.paginate():
for log_group in page['logGroups']:
log_group_name = log_group['logGroupName']
existing_tags = logs_client.list_tags_log_group(logGroupName=log_group_name).get('tags', {})
if not existing_tags:
print(f"Adding tags to log group '{log_group_name}'")
logs_client.tag_log_group(
logGroupName=log_group_name,
tags=TAGS_TO_APPLY
)
else:
print(f"Log group '{log_group_name}' already has tags. Skipping.")
if name == ‘main’:
tag_cloudwatch_log_groups()
This script will iterate through all your CloudWatch log groups, applying tags only to log groups that currently have none.
Advantages
- Simplified resource management
- Enhanced cost allocation and auditing
- Streamlined operational tasks
Conclusion
Automating CloudWatch log group tagging using Python and Boto3 simplifies administrative tasks and helps maintain a well-organized and cost-effective AWS environment.
More from Ercan
Two more sites, same author, different ground.
AI, LLMs, agents, applied ML.
Field notes on AI workloads. Bedrock cost analysis, agent patterns, vector storage trade-offs, production failure modes.
Visit ercan.ai →The hub. About, consulting, contact.
Personal hub for both writing tracks. Who I am, how the consulting works, how to reach me.
Visit ercanermis.com →