More Info:

Cloudwatch loggroups should be encrypted

Risk Level

High

Address

Security

Compliance Standards

HIPAA,PCIDSS,GDPR,CISAWS,CBP,NIST,SOC2,AWSWAF,SEBI,RBI_UCB

Triage and Remediation

Remediation

Using Console

Cloudwatch Log groups are by default encrypted with AWS KMS Keys

Using CLI

Cloudwatch Log groups are by default encrypted with AWS KMS Keys

Using Python

Cloudwatch Log groups are by default encrypted with AWS KMS Keys
Reference Link