> ## Documentation Index
> Fetch the complete documentation index at: https://cloudanix.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# CloudWatch Log Groups Should Be Encrypted

### More Info:

Cloudwatch loggroups should be encrypted

### Risk Level

High

### Address

Security

### Compliance Standards

HIPAA,PCIDSS,GDPR,CISAWS,CBP,NIST,SOC2,AWSWAF,SEBI,RBI\_UCB

### Triage and Remediation

<Tabs>
  <Tab title="Remediation">
    ### Remediation

    <AccordionGroup>
      <Accordion title="Using Console" defaultOpen="true">
        Cloudwatch Log groups are by default encrypted with AWS KMS Keys
      </Accordion>

      <Accordion title="Using CLI" defaultOpen="true">
        Cloudwatch Log groups are by default encrypted with AWS KMS Keys
      </Accordion>

      <Accordion title="Using Python" defaultOpen="true">
        Cloudwatch Log groups are by default encrypted with AWS KMS Keys
      </Accordion>
    </AccordionGroup>
  </Tab>
</Tabs>

[Reference Link](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)
