CloudWatchLogs.Client.
disassociate_kms_key
(**kwargs)¶Disassociates the associated KMS key from the specified log group.
After the KMS key is disassociated from the log group, CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and CloudWatch Logs requires permissions for the KMS key whenever the encrypted data is requested.
Note that it can take up to 5 minutes for this operation to take effect.
See also: AWS API Documentation
Request Syntax
response = client.disassociate_kms_key(
logGroupName='string'
)
[REQUIRED]
The name of the log group.
Exceptions
CloudWatchLogs.Client.exceptions.InvalidParameterException
CloudWatchLogs.Client.exceptions.ResourceNotFoundException
CloudWatchLogs.Client.exceptions.OperationAbortedException
CloudWatchLogs.Client.exceptions.ServiceUnavailableException