Disable CloudWatch to monitor logs for Lambda function

There is no flag/toggle/switch or a direct way to disable the CloudWatch logs for a lambda function. One workaround is you can add the following inline policy to your role to disable the CloudWatch logs.

{
"Version": "2012-10-17",
"Statement": [
    {
        "Effect": "Deny",
        "Action": [
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:PutLogEvents"
        ],
        "Resource": [
            "arn:aws:logs:*:*:*"
        ]
    }
  ]
}

You can change the "Deny" to "Allow" when you require logging again.

See for more details.

As per my understanding log output is generated by as a default behavior if you do any tests with lambda function. However, the logs are stored in CloudWatch log group only if your lambda role has permission to write to CloudWatch.

Disable CloudWatch to monitor logs for Lambda function

Tags:

Amazon Web Services

Amazon Cloudwatch

Aws Lambda

Related

Recent Posts