CloudWatchLogs / Client / delete_account_policy

delete_account_policy#

CloudWatchLogs.Client.delete_account_policy(**kwargs)#

Deletes a CloudWatch Logs account policy. This stops the account-wide policy from applying to log groups in the account. If you delete a data protection policy or subscription filter policy, any log-group level policies of those types remain in effect.

To use this operation, you must be signed on with the correct permissions depending on the type of policy that you are deleting.

  • To delete a data protection policy, you must have the logs:DeleteDataProtectionPolicy and logs:DeleteAccountPolicy permissions.

  • To delete a subscription filter policy, you must have the logs:DeleteSubscriptionFilter and logs:DeleteAccountPolicy permissions.

  • To delete a transformer policy, you must have the logs:DeleteTransformer and logs:DeleteAccountPolicy permissions.

  • To delete a field index policy, you must have the logs:DeleteIndexPolicy and logs:DeleteAccountPolicy permissions.

If you delete a field index policy, the indexing of the log events that happened before you deleted the policy will still be used for up to 30 days to improve CloudWatch Logs Insights queries.

See also: AWS API Documentation

Request Syntax

response = client.delete_account_policy(
    policyName='string',
    policyType='DATA_PROTECTION_POLICY'|'SUBSCRIPTION_FILTER_POLICY'|'FIELD_INDEX_POLICY'|'TRANSFORMER_POLICY'
)
Parameters:
  • policyName (string) –

    [REQUIRED]

    The name of the policy to delete.

  • policyType (string) –

    [REQUIRED]

    The type of policy to delete.

Returns:

None

Exceptions

  • CloudWatchLogs.Client.exceptions.InvalidParameterException

  • CloudWatchLogs.Client.exceptions.ResourceNotFoundException

  • CloudWatchLogs.Client.exceptions.ServiceUnavailableException

  • CloudWatchLogs.Client.exceptions.OperationAbortedException