CloudWatch logGroup support encryption at rest using KmsKey

[edwin-Marrima]

Component(s)

internal/aws

Is your feature request related to a problem? Please describe.

Organizations maintain rigorous standards regarding data encryption. In my organization, it's imperative to encrypt all eligible data on AWS at rest utilizing our designated KMS key.

However, there's a significant limitation within the internal/aws/cwlogs package designed for AWS CloudWatch interaction. This limitation arises from its inability to create CloudWatch LogGroups while specifying a custom KMS key, aside from the default option. Consequently, tools like exporter/awsemfexporter, which rely on this package, are unable to encrypt log data within CloudWatch LogGroups at rest using a custom KMS key.

Describe the solution you'd like

Enhance the functionality of the internal/aws/cwlogs package to enable encryption of CloudWatch LogGroup data at rest using a specified KMS key. This addition will empower tools such as exporter/awsemfexporter to encrypt log data within CloudWatch LogGroups using a custom KMS key.

Describe alternatives you've considered

No response

Additional context

No response

[github-actions]

Pinging code owners:

• internal/aws: @Aneurysm9 @mxiamxia

See Adding Labels via Comments if you do not have permissions to add labels yourself.

[github-actions]

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

Pinging code owners:

• internal/aws: @Aneurysm9 @mxiamxia

See Adding Labels via Comments if you do not have permissions to add labels yourself.

[trc-ikeskin]

This feature would be extremely beneficial for the the exporter/awscloudwatchlogsexporter as well and should be considered a basic mandatory feature for automatic log group creation.

Any news on this?

[github-actions]

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

Pinging code owners:

• internal/aws: @Aneurysm9 @mxiamxia

See Adding Labels via Comments if you do not have permissions to add labels yourself.

[github-actions]

This issue has been closed as inactive because it has been stale for 120 days with no activity.