SDK for PHP 3.x
Network Flow Monitor 2023-04-19
- Client: Aws\NetworkFlowMonitor\NetworkFlowMonitorClient
- Service ID: networkflowmonitor
- Version: 2023-04-19
This page describes the parameters and results for the operations of the Network Flow Monitor (2023-04-19), and shows how to use the Aws\NetworkFlowMonitor\NetworkFlowMonitorClient object to call the described operations. This documentation is specific to the 2023-04-19 API version of the service.
Operation Summary
Each of the following operations can be created from a client using
$client->getCommand('CommandName'), where "CommandName" is the
name of one of the following operations. Note: a command is a value that
encapsulates an operation and the parameters used to create an HTTP request.
You can also create and send a command immediately using the magic methods
available on a client object: $client->commandName(/* parameters */).
You can send the command asynchronously (returning a promise) by appending the
word "Async" to the operation name: $client->commandNameAsync(/* parameters */).
- CreateMonitor ( array $params = [] )
- Create a monitor for specific network flows between local and remote resources, so that you can monitor network performance for one or several of your workloads.
- CreateScope ( array $params = [] )
- In Network Flow Monitor, you specify a scope for the service to generate metrics for.
- DeleteMonitor ( array $params = [] )
- Deletes a monitor in Network Flow Monitor.
- DeleteScope ( array $params = [] )
- Deletes a scope that has been defined.
- GetMonitor ( array $params = [] )
- Gets information about a monitor in Network Flow Monitor based on a monitor name.
- GetQueryResultsMonitorTopContributors ( array $params = [] )
- Return the data for a query with the Network Flow Monitor query interface.
- GetQueryResultsWorkloadInsightsTopContributors ( array $params = [] )
- Return the data for a query with the Network Flow Monitor query interface.
- GetQueryResultsWorkloadInsightsTopContributorsData ( array $params = [] )
- Return the data for a query with the Network Flow Monitor query interface.
- GetQueryStatusMonitorTopContributors ( array $params = [] )
- Returns the current status of a query for the Network Flow Monitor query interface, for a specified query ID and monitor.
- GetQueryStatusWorkloadInsightsTopContributors ( array $params = [] )
- Return the data for a query with the Network Flow Monitor query interface.
- GetQueryStatusWorkloadInsightsTopContributorsData ( array $params = [] )
- Returns the current status of a query for the Network Flow Monitor query interface, for a specified query ID and monitor.
- GetScope ( array $params = [] )
- Gets information about a scope, including the name, status, tags, and target details.
- ListMonitors ( array $params = [] )
- List all monitors in an account.
- ListScopes ( array $params = [] )
- List all the scopes for an account.
- ListTagsForResource ( array $params = [] )
- Returns all the tags for a resource.
- StartQueryMonitorTopContributors ( array $params = [] )
- Create a query that you can use with the Network Flow Monitor query interface to return the top contributors for a monitor.
- StartQueryWorkloadInsightsTopContributors ( array $params = [] )
- Create a query with the Network Flow Monitor query interface that you can run to return workload insights top contributors.
- StartQueryWorkloadInsightsTopContributorsData ( array $params = [] )
- Create a query with the Network Flow Monitor query interface that you can run to return data for workload insights top contributors.
- StopQueryMonitorTopContributors ( array $params = [] )
- Stop a top contributors query for a monitor.
- StopQueryWorkloadInsightsTopContributors ( array $params = [] )
- Stop a top contributors query for workload insights.
- StopQueryWorkloadInsightsTopContributorsData ( array $params = [] )
- Stop a top contributors data query for workload insights.
- TagResource ( array $params = [] )
- Adds a tag to a resource.
- UntagResource ( array $params = [] )
- Removes a tag from a resource.
- UpdateMonitor ( array $params = [] )
- Update a monitor to add or remove local or remote resources.
- UpdateScope ( array $params = [] )
- Update a scope to add or remove resources that you want to be available for Network Flow Monitor to generate metrics for, when you have active agents on those resources sending metrics reports to the Network Flow Monitor backend.
Paginators
Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:
- GetQueryResultsMonitorTopContributors
- GetQueryResultsWorkloadInsightsTopContributors
- GetQueryResultsWorkloadInsightsTopContributorsData
- ListMonitors
- ListScopes
Operations
CreateMonitor
$result = $client->createMonitor([/* ... */]); $promise = $client->createMonitorAsync([/* ... */]);
Create a monitor for specific network flows between local and remote resources, so that you can monitor network performance for one or several of your workloads. For each monitor, Network Flow Monitor publishes detailed end-to-end performance metrics and a network health indicator (NHI) that informs you whether there were Amazon Web Services network issues for one or more of the network flows tracked by a monitor, during a time period that you choose.
Parameter Syntax
$result = $client->createMonitor([
'clientToken' => '<string>',
'localResources' => [ // REQUIRED
[
'identifier' => '<string>', // REQUIRED
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::Region', // REQUIRED
],
// ...
],
'monitorName' => '<string>', // REQUIRED
'remoteResources' => [
[
'identifier' => '<string>', // REQUIRED
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService|AWS::Region', // REQUIRED
],
// ...
],
'scopeArn' => '<string>', // REQUIRED
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- clientToken
-
- Type: string
A unique, case-sensitive string of up to 64 ASCII characters that you specify to make an idempotent API request. Don't reuse the same client token for other API requests.
- localResources
-
- Required: Yes
- Type: Array of MonitorLocalResource structures
The local resources to monitor. A local resource in a workload is the location of the host, or hosts, where the Network Flow Monitor agent is installed. For example, if a workload consists of an interaction between a web service and a backend database (for example, Amazon Dynamo DB), the subnet with the EC2 instance that hosts the web service, which also runs the agent, is the local resource.
Be aware that all local resources must belong to the current Region.
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- remoteResources
-
- Type: Array of MonitorRemoteResource structures
The remote resources to monitor. A remote resource is the other endpoint in the bi-directional flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.
When you specify remote resources, be aware that specific combinations of resources are allowed and others are not, including the following constraints:
-
All remote resources that you specify must all belong to a single Region.
-
If you specify Amazon Web Services services as remote resources, any other remote resources that you specify must be in the current Region.
-
When you specify a remote resource for another Region, you can only specify the
Regionresource type. You cannot specify a subnet, VPC, or Availability Zone in another Region. -
If you leave the
RemoteResourcesparameter empty, the monitor will include all network flows that terminate in the current Region.
- scopeArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the scope for the monitor.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a monitor. You can add a maximum of 200 tags.
Result Syntax
[
'createdAt' => <DateTime>,
'localResources' => [
[
'identifier' => '<string>',
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::Region',
],
// ...
],
'modifiedAt' => <DateTime>,
'monitorArn' => '<string>',
'monitorName' => '<string>',
'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
'remoteResources' => [
[
'identifier' => '<string>',
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService|AWS::Region',
],
// ...
],
'tags' => ['<string>', ...],
]
Result Details
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the monitor was created.
- localResources
-
- Required: Yes
- Type: Array of MonitorLocalResource structures
The local resources to monitor. A local resource in a workload is the location of hosts where the Network Flow Monitor agent is installed.
- modifiedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The last date and time that the monitor was modified.
- monitorArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the monitor.
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- monitorStatus
-
- Required: Yes
- Type: string
The status of a monitor. The status can be one of the following
-
PENDING: The monitor is in the process of being created. -
ACTIVE: The monitor is active. -
INACTIVE: The monitor is inactive. -
ERROR: Monitor creation failed due to an error. -
DELETING: The monitor is in the process of being deleted.
- remoteResources
-
- Required: Yes
- Type: Array of MonitorRemoteResource structures
The remote resources to monitor. A remote resource is the other endpoint specified for the network flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a monitor.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ConflictException:
The requested resource is in use.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
CreateScope
$result = $client->createScope([/* ... */]); $promise = $client->createScopeAsync([/* ... */]);
In Network Flow Monitor, you specify a scope for the service to generate metrics for. By using the scope, Network Flow Monitor can generate a topology of all the resources to measure performance metrics for. When you create a scope, you enable permissions for Network Flow Monitor.
A scope is a Region-account pair or multiple Region-account pairs. Network Flow Monitor uses your scope to determine all the resources (the topology) where Network Flow Monitor will gather network flow performance metrics for you. To provide performance metrics, Network Flow Monitor uses the data that is sent by the Network Flow Monitor agents you install on the resources.
To define the Region-account pairs for your scope, the Network Flow Monitor API uses the following constucts, which allow for future flexibility in defining scopes:
-
Targets, which are arrays of targetResources.
-
Target resources, which are Region-targetIdentifier pairs.
-
Target identifiers, made up of a targetID (currently always an account ID) and a targetType (currently always an account).
Parameter Syntax
$result = $client->createScope([
'clientToken' => '<string>',
'tags' => ['<string>', ...],
'targets' => [ // REQUIRED
[
'region' => '<string>', // REQUIRED
'targetIdentifier' => [ // REQUIRED
'targetId' => [ // REQUIRED
'accountId' => '<string>',
],
'targetType' => 'ACCOUNT', // REQUIRED
],
],
// ...
],
]);
Parameter Details
Members
- clientToken
-
- Type: string
A unique, case-sensitive string of up to 64 ASCII characters that you specify to make an idempotent API request. Don't reuse the same client token for other API requests.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a scope. You can add a maximum of 200 tags.
- targets
-
- Required: Yes
- Type: Array of TargetResource structures
The targets to define the scope to be monitored. A target is an array of targetResources, which are currently Region-account pairs, defined by targetResource constructs.
Result Syntax
[
'scopeArn' => '<string>',
'scopeId' => '<string>',
'status' => 'SUCCEEDED|IN_PROGRESS|FAILED|DEACTIVATING|DEACTIVATED',
'tags' => ['<string>', ...],
]
Result Details
Members
- scopeArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the scope.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get metrics for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
- status
-
- Required: Yes
- Type: string
The status for a scope. The status can be one of the following:
SUCCEEDED,IN_PROGRESS,FAILED,DEACTIVATING, orDEACTIVATED.A status of
DEACTIVATINGmeans that you've requested a scope to be deactivated and Network Flow Monitor is in the process of deactivating the scope. A status ofDEACTIVATEDmeans that the deactivating process is complete. - tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a scope.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ConflictException:
The requested resource is in use.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
DeleteMonitor
$result = $client->deleteMonitor([/* ... */]); $promise = $client->deleteMonitorAsync([/* ... */]);
Deletes a monitor in Network Flow Monitor.
Parameter Syntax
$result = $client->deleteMonitor([
'monitorName' => '<string>', // REQUIRED
]);
Parameter Details
Members
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ConflictException:
The requested resource is in use.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
DeleteScope
$result = $client->deleteScope([/* ... */]); $promise = $client->deleteScopeAsync([/* ... */]);
Deletes a scope that has been defined.
Parameter Syntax
$result = $client->deleteScope([
'scopeId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
Result Syntax
[]
Result Details
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ConflictException:
The requested resource is in use.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
GetMonitor
$result = $client->getMonitor([/* ... */]); $promise = $client->getMonitorAsync([/* ... */]);
Gets information about a monitor in Network Flow Monitor based on a monitor name. The information returned includes the Amazon Resource Name (ARN), create time, modified time, resources included in the monitor, and status information.
Parameter Syntax
$result = $client->getMonitor([
'monitorName' => '<string>', // REQUIRED
]);
Parameter Details
Members
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
Result Syntax
[
'createdAt' => <DateTime>,
'localResources' => [
[
'identifier' => '<string>',
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::Region',
],
// ...
],
'modifiedAt' => <DateTime>,
'monitorArn' => '<string>',
'monitorName' => '<string>',
'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
'remoteResources' => [
[
'identifier' => '<string>',
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService|AWS::Region',
],
// ...
],
'tags' => ['<string>', ...],
]
Result Details
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the monitor was created.
- localResources
-
- Required: Yes
- Type: Array of MonitorLocalResource structures
The local resources to monitor. A local resource in a workload is the location of the hosts where the Network Flow Monitor agent is installed.
- modifiedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the monitor was last modified.
- monitorArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the monitor.
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- monitorStatus
-
- Required: Yes
- Type: string
The status of a monitor. The status can be one of the following
-
PENDING: The monitor is in the process of being created. -
ACTIVE: The monitor is active. -
INACTIVE: The monitor is inactive. -
ERROR: Monitor creation failed due to an error. -
DELETING: The monitor is in the process of being deleted.
- remoteResources
-
- Required: Yes
- Type: Array of MonitorRemoteResource structures
The remote resources to monitor. A remote resource is the other endpoint specified for the network flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a monitor.
Errors
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
GetQueryResultsMonitorTopContributors
$result = $client->getQueryResultsMonitorTopContributors([/* ... */]); $promise = $client->getQueryResultsMonitorTopContributorsAsync([/* ... */]);
Return the data for a query with the Network Flow Monitor query interface. You specify the query that you want to return results for by providing a query ID and a monitor name. This query returns the top contributors for a specific monitor.
Create a query ID for this call by calling the corresponding API call to start the query, StartQueryMonitorTopContributors. Use the scope ID that was returned for your account by CreateScope.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.
Parameter Syntax
$result = $client->getQueryResultsMonitorTopContributors([
'maxResults' => <integer>,
'monitorName' => '<string>', // REQUIRED
'nextToken' => '<string>',
'queryId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- maxResults
-
- Type: int
The number of query results that you want to return with this call.
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to create a query.
Result Syntax
[
'nextToken' => '<string>',
'topContributors' => [
[
'destinationCategory' => 'INTRA_AZ|INTER_AZ|INTER_VPC|UNCLASSIFIED|AMAZON_S3|AMAZON_DYNAMODB|INTER_REGION',
'dnatIp' => '<string>',
'kubernetesMetadata' => [
'localPodName' => '<string>',
'localPodNamespace' => '<string>',
'localServiceName' => '<string>',
'remotePodName' => '<string>',
'remotePodNamespace' => '<string>',
'remoteServiceName' => '<string>',
],
'localAz' => '<string>',
'localInstanceArn' => '<string>',
'localInstanceId' => '<string>',
'localIp' => '<string>',
'localRegion' => '<string>',
'localSubnetArn' => '<string>',
'localSubnetId' => '<string>',
'localVpcArn' => '<string>',
'localVpcId' => '<string>',
'remoteAz' => '<string>',
'remoteInstanceArn' => '<string>',
'remoteInstanceId' => '<string>',
'remoteIp' => '<string>',
'remoteRegion' => '<string>',
'remoteSubnetArn' => '<string>',
'remoteSubnetId' => '<string>',
'remoteVpcArn' => '<string>',
'remoteVpcId' => '<string>',
'snatIp' => '<string>',
'targetPort' => <integer>,
'traversedConstructs' => [
[
'componentArn' => '<string>',
'componentId' => '<string>',
'componentType' => '<string>',
'serviceName' => '<string>',
],
// ...
],
'value' => <integer>,
],
// ...
],
'unit' => 'Seconds|Microseconds|Milliseconds|Bytes|Kilobytes|Megabytes|Gigabytes|Terabytes|Bits|Kilobits|Megabits|Gigabits|Terabits|Percent|Count|Bytes/Second|Kilobytes/Second|Megabytes/Second|Gigabytes/Second|Terabytes/Second|Bits/Second|Kilobits/Second|Megabits/Second|Gigabits/Second|Terabits/Second|Count/Second|None',
]
Result Details
Members
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
- topContributors
-
- Type: Array of MonitorTopContributorsRow structures
The top contributor network flows overall for a specific metric type, for example, the number of retransmissions.
- unit
-
- Type: string
The units for a metric returned by the query.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
GetQueryResultsWorkloadInsightsTopContributors
$result = $client->getQueryResultsWorkloadInsightsTopContributors([/* ... */]); $promise = $client->getQueryResultsWorkloadInsightsTopContributorsAsync([/* ... */]);
Return the data for a query with the Network Flow Monitor query interface. You specify the query that you want to return results for by providing a query ID and a monitor name.
This query returns the top contributors for a scope for workload insights. Workload insights provide a high level view of network flow performance data collected by agents. To return the data for the top contributors, see GetQueryResultsWorkloadInsightsTopContributorsData.
Create a query ID for this call by calling the corresponding API call to start the query, StartQueryWorkloadInsightsTopContributors. Use the scope ID that was returned for your account by CreateScope.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.
Parameter Syntax
$result = $client->getQueryResultsWorkloadInsightsTopContributors([
'maxResults' => <integer>,
'nextToken' => '<string>',
'queryId' => '<string>', // REQUIRED
'scopeId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- maxResults
-
- Type: int
The number of query results that you want to return with this call.
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to create a query.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
Result Syntax
[
'nextToken' => '<string>',
'topContributors' => [
[
'accountId' => '<string>',
'localAz' => '<string>',
'localRegion' => '<string>',
'localSubnetArn' => '<string>',
'localSubnetId' => '<string>',
'localVpcArn' => '<string>',
'localVpcId' => '<string>',
'remoteIdentifier' => '<string>',
'value' => <integer>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
- topContributors
-
- Type: Array of WorkloadInsightsTopContributorsRow structures
The top contributor network flows overall for a specific metric type, for example, the number of retransmissions.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
GetQueryResultsWorkloadInsightsTopContributorsData
$result = $client->getQueryResultsWorkloadInsightsTopContributorsData([/* ... */]); $promise = $client->getQueryResultsWorkloadInsightsTopContributorsDataAsync([/* ... */]);
Return the data for a query with the Network Flow Monitor query interface. Specify the query that you want to return results for by providing a query ID and a scope ID.
This query returns the data for top contributors for workload insights for a specific scope. Workload insights provide a high level view of network flow performance data collected by agents for a scope. To return just the top contributors, see GetQueryResultsWorkloadInsightsTopContributors.
Create a query ID for this call by calling the corresponding API call to start the query, StartQueryWorkloadInsightsTopContributorsData. Use the scope ID that was returned for your account by CreateScope.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.
The top contributor network flows overall are for a specific metric type, for example, the number of retransmissions.
Parameter Syntax
$result = $client->getQueryResultsWorkloadInsightsTopContributorsData([
'maxResults' => <integer>,
'nextToken' => '<string>',
'queryId' => '<string>', // REQUIRED
'scopeId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- maxResults
-
- Type: int
The number of query results that you want to return with this call.
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to create a query.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
Result Syntax
[
'datapoints' => [
[
'label' => '<string>',
'timestamps' => [<DateTime>, ...],
'values' => [<float>, ...],
],
// ...
],
'nextToken' => '<string>',
'unit' => 'Seconds|Microseconds|Milliseconds|Bytes|Kilobytes|Megabytes|Gigabytes|Terabytes|Bits|Kilobits|Megabits|Gigabits|Terabits|Percent|Count|Bytes/Second|Kilobytes/Second|Megabytes/Second|Gigabytes/Second|Terabytes/Second|Bits/Second|Kilobits/Second|Megabits/Second|Gigabits/Second|Terabits/Second|Count/Second|None',
]
Result Details
Members
- datapoints
-
- Required: Yes
- Type: Array of WorkloadInsightsTopContributorsDataPoint structures
The datapoints returned by the query.
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
- unit
-
- Required: Yes
- Type: string
The units for a metric returned by the query.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
GetQueryStatusMonitorTopContributors
$result = $client->getQueryStatusMonitorTopContributors([/* ... */]); $promise = $client->getQueryStatusMonitorTopContributorsAsync([/* ... */]);
Returns the current status of a query for the Network Flow Monitor query interface, for a specified query ID and monitor. This call returns the query status for the top contributors for a monitor.
When you create a query, use this call to check the status of the query to make sure that it has has SUCCEEDED before you review the results. Use the same query ID that you used for the corresponding API call to start (create) the query, StartQueryMonitorTopContributors.
When you run a query, use this call to check the status of the query to make sure that the query has SUCCEEDED before you review the results.
Parameter Syntax
$result = $client->getQueryStatusMonitorTopContributors([
'monitorName' => '<string>', // REQUIRED
'queryId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.
Result Syntax
[
'status' => 'QUEUED|RUNNING|SUCCEEDED|FAILED|CANCELED',
]
Result Details
Members
- status
-
- Required: Yes
- Type: string
When you run a query, use this call to check the status of the query to make sure that the query has
SUCCEEDEDbefore you review the results.-
QUEUED: The query is scheduled to run. -
RUNNING: The query is in progress but not complete. -
SUCCEEDED: The query completed sucessfully. -
FAILED: The query failed due to an error. -
CANCELED: The query was canceled.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
GetQueryStatusWorkloadInsightsTopContributors
$result = $client->getQueryStatusWorkloadInsightsTopContributors([/* ... */]); $promise = $client->getQueryStatusWorkloadInsightsTopContributorsAsync([/* ... */]);
Return the data for a query with the Network Flow Monitor query interface. Specify the query that you want to return results for by providing a query ID and a monitor name. This query returns the top contributors for workload insights.
When you start a query, use this call to check the status of the query to make sure that it has has SUCCEEDED before you review the results. Use the same query ID that you used for the corresponding API call to start the query, StartQueryWorkloadInsightsTopContributors.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.
Parameter Syntax
$result = $client->getQueryStatusWorkloadInsightsTopContributors([
'queryId' => '<string>', // REQUIRED
'scopeId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
Result Syntax
[
'status' => 'QUEUED|RUNNING|SUCCEEDED|FAILED|CANCELED',
]
Result Details
Members
- status
-
- Required: Yes
- Type: string
When you run a query, use this call to check the status of the query to make sure that the query has
SUCCEEDEDbefore you review the results.-
QUEUED: The query is scheduled to run. -
RUNNING: The query is in progress but not complete. -
SUCCEEDED: The query completed sucessfully. -
FAILED: The query failed due to an error. -
CANCELED: The query was canceled.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
GetQueryStatusWorkloadInsightsTopContributorsData
$result = $client->getQueryStatusWorkloadInsightsTopContributorsData([/* ... */]); $promise = $client->getQueryStatusWorkloadInsightsTopContributorsDataAsync([/* ... */]);
Returns the current status of a query for the Network Flow Monitor query interface, for a specified query ID and monitor. This call returns the query status for the top contributors data for workload insights.
When you start a query, use this call to check the status of the query to make sure that it has has SUCCEEDED before you review the results. Use the same query ID that you used for the corresponding API call to start the query, StartQueryWorkloadInsightsTopContributorsData.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.
The top contributor network flows overall are for a specific metric type, for example, the number of retransmissions.
Parameter Syntax
$result = $client->getQueryStatusWorkloadInsightsTopContributorsData([
'queryId' => '<string>', // REQUIRED
'scopeId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account. A scope ID is returned from a
CreateScopeAPI call.
Result Syntax
[
'status' => 'QUEUED|RUNNING|SUCCEEDED|FAILED|CANCELED',
]
Result Details
Members
- status
-
- Required: Yes
- Type: string
The status of a query for top contributors data.
-
QUEUED: The query is scheduled to run. -
RUNNING: The query is in progress but not complete. -
SUCCEEDED: The query completed sucessfully. -
FAILED: The query failed due to an error. -
CANCELED: The query was canceled.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
GetScope
$result = $client->getScope([/* ... */]); $promise = $client->getScopeAsync([/* ... */]);
Gets information about a scope, including the name, status, tags, and target details. The scope in Network Flow Monitor is an account.
Parameter Syntax
$result = $client->getScope([
'scopeId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account. A scope ID is returned from a
CreateScopeAPI call.
Result Syntax
[
'scopeArn' => '<string>',
'scopeId' => '<string>',
'status' => 'SUCCEEDED|IN_PROGRESS|FAILED|DEACTIVATING|DEACTIVATED',
'tags' => ['<string>', ...],
'targets' => [
[
'region' => '<string>',
'targetIdentifier' => [
'targetId' => [
'accountId' => '<string>',
],
'targetType' => 'ACCOUNT',
],
],
// ...
],
]
Result Details
Members
- scopeArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the scope.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account. A scope ID is returned from a
CreateScopeAPI call. - status
-
- Required: Yes
- Type: string
The status for a scope. The status can be one of the following:
SUCCEEDED,IN_PROGRESS,FAILED,DEACTIVATING, orDEACTIVATED.A status of
DEACTIVATINGmeans that you've requested a scope to be deactivated and Network Flow Monitor is in the process of deactivating the scope. A status ofDEACTIVATEDmeans that the deactivating process is complete. - tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a scope.
- targets
-
- Required: Yes
- Type: Array of TargetResource structures
The targets to define the scope to be monitored. A target is an array of targetResources, which are currently Region-account pairs, defined by targetResource constructs.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
ListMonitors
$result = $client->listMonitors([/* ... */]); $promise = $client->listMonitorsAsync([/* ... */]);
List all monitors in an account. Optionally, you can list only monitors that have a specific status, by using the STATUS parameter.
Parameter Syntax
$result = $client->listMonitors([
'maxResults' => <integer>,
'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
The number of query results that you want to return with this call.
- monitorStatus
-
- Type: string
The status of a monitor. The status can be one of the following
-
PENDING: The monitor is in the process of being created. -
ACTIVE: The monitor is active. -
INACTIVE: The monitor is inactive. -
ERROR: Monitor creation failed due to an error. -
DELETING: The monitor is in the process of being deleted.
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
Result Syntax
[
'monitors' => [
[
'monitorArn' => '<string>',
'monitorName' => '<string>',
'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- monitors
-
- Required: Yes
- Type: Array of MonitorSummary structures
The monitors that are in an account.
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
Errors
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
ListScopes
$result = $client->listScopes([/* ... */]); $promise = $client->listScopesAsync([/* ... */]);
List all the scopes for an account.
Parameter Syntax
$result = $client->listScopes([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
The number of query results that you want to return with this call.
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
Result Syntax
[
'nextToken' => '<string>',
'scopes' => [
[
'scopeArn' => '<string>',
'scopeId' => '<string>',
'status' => 'SUCCEEDED|IN_PROGRESS|FAILED|DEACTIVATING|DEACTIVATED',
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
The token for the next set of results. You receive this token from a previous call.
- scopes
-
- Required: Yes
- Type: Array of ScopeSummary structures
The scopes returned by the call.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
ListTagsForResource
$result = $client->listTagsForResource([/* ... */]); $promise = $client->listTagsForResourceAsync([/* ... */]);
Returns all the tags for a resource.
Parameter Syntax
$result = $client->listTagsForResource([
'resourceArn' => '<string>', // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the resource.
Result Syntax
[
'tags' => ['<string>', ...],
]
Result Details
Members
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a resource.
Errors
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ConflictException:
The requested resource is in use.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
StartQueryMonitorTopContributors
$result = $client->startQueryMonitorTopContributors([/* ... */]); $promise = $client->startQueryMonitorTopContributorsAsync([/* ... */]);
Create a query that you can use with the Network Flow Monitor query interface to return the top contributors for a monitor. Specify the monitor that you want to create the query for.
The call returns a query ID that you can use with GetQueryResultsMonitorTopContributors to run the query and return the top contributors for a specific monitor.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable APIs for the top contributors that you want to be returned.
Parameter Syntax
$result = $client->startQueryMonitorTopContributors([
'destinationCategory' => 'INTRA_AZ|INTER_AZ|INTER_VPC|UNCLASSIFIED|AMAZON_S3|AMAZON_DYNAMODB|INTER_REGION', // REQUIRED
'endTime' => <integer || string || DateTime>, // REQUIRED
'limit' => <integer>,
'metricName' => 'ROUND_TRIP_TIME|TIMEOUTS|RETRANSMISSIONS|DATA_TRANSFERRED', // REQUIRED
'monitorName' => '<string>', // REQUIRED
'startTime' => <integer || string || DateTime>, // REQUIRED
]);
Parameter Details
Members
- destinationCategory
-
- Required: Yes
- Type: string
The category that you want to query top contributors for, for a specific monitor. Destination categories can be one of the following:
-
INTRA_AZ: Top contributor network flows within a single Availability Zone -
INTER_AZ: Top contributor network flows between Availability Zones -
INTER_REGION: Top contributor network flows between Regions (to the edge of another Region) -
INTER_VPC: Top contributor network flows between VPCs -
AMAZON_S3: Top contributor network flows to or from Amazon S3 -
AMAZON_DYNAMODB: Top contributor network flows to or from Amazon Dynamo DB -
UNCLASSIFIED: Top contributor network flows that do not have a bucket classification
- endTime
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The timestamp that is the date and time end of the period that you want to retrieve results for with your query.
- limit
-
- Type: int
The maximum number of top contributors to return.
- metricName
-
- Required: Yes
- Type: string
The metric that you want to query top contributors for. That is, you can specify a metric with this call and return the top contributor network flows, for that type of metric, for a monitor and (optionally) within a specific category, such as network flows between Availability Zones.
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- startTime
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The timestamp that is the date and time that is the beginning of the period that you want to retrieve results for with your query.
Result Syntax
[
'queryId' => '<string>',
]
Result Details
Members
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
StartQueryWorkloadInsightsTopContributors
$result = $client->startQueryWorkloadInsightsTopContributors([/* ... */]); $promise = $client->startQueryWorkloadInsightsTopContributorsAsync([/* ... */]);
Create a query with the Network Flow Monitor query interface that you can run to return workload insights top contributors. Specify the scope that you want to create a query for.
The call returns a query ID that you can use with GetQueryResultsWorkloadInsightsTopContributors to run the query and return the top contributors for the workload insights for a scope.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable APIs for the top contributors that you want to be returned.
Parameter Syntax
$result = $client->startQueryWorkloadInsightsTopContributors([
'destinationCategory' => 'INTRA_AZ|INTER_AZ|INTER_VPC|UNCLASSIFIED|AMAZON_S3|AMAZON_DYNAMODB|INTER_REGION', // REQUIRED
'endTime' => <integer || string || DateTime>, // REQUIRED
'limit' => <integer>,
'metricName' => 'TIMEOUTS|RETRANSMISSIONS|DATA_TRANSFERRED', // REQUIRED
'scopeId' => '<string>', // REQUIRED
'startTime' => <integer || string || DateTime>, // REQUIRED
]);
Parameter Details
Members
- destinationCategory
-
- Required: Yes
- Type: string
The destination category for a top contributors row. Destination categories can be one of the following:
-
INTRA_AZ: Top contributor network flows within a single Availability Zone -
INTER_AZ: Top contributor network flows between Availability Zones -
INTER_REGION: Top contributor network flows between Regions (to the edge of another Region) -
INTER_VPC: Top contributor network flows between VPCs -
AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services -
UNCLASSIFIED: Top contributor network flows that do not have a bucket classification
- endTime
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The timestamp that is the date and time end of the period that you want to retrieve results for with your query.
- limit
-
- Type: int
The maximum number of top contributors to return.
- metricName
-
- Required: Yes
- Type: string
The metric that you want to query top contributors for. That is, you can specify this metric to return the top contributor network flows, for this type of metric, for a monitor and (optionally) within a specific category, such as network flows between Availability Zones.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account. A scope ID is returned from a
CreateScopeAPI call. - startTime
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The timestamp that is the date and time that is the beginning of the period that you want to retrieve results for with your query.
Result Syntax
[
'queryId' => '<string>',
]
Result Details
Members
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
StartQueryWorkloadInsightsTopContributorsData
$result = $client->startQueryWorkloadInsightsTopContributorsData([/* ... */]); $promise = $client->startQueryWorkloadInsightsTopContributorsDataAsync([/* ... */]);
Create a query with the Network Flow Monitor query interface that you can run to return data for workload insights top contributors. Specify the scope that you want to create a query for.
The call returns a query ID that you can use with GetQueryResultsWorkloadInsightsTopContributorsData to run the query and return the data for the top contributors for the workload insights for a scope.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.
Parameter Syntax
$result = $client->startQueryWorkloadInsightsTopContributorsData([
'destinationCategory' => 'INTRA_AZ|INTER_AZ|INTER_VPC|UNCLASSIFIED|AMAZON_S3|AMAZON_DYNAMODB|INTER_REGION', // REQUIRED
'endTime' => <integer || string || DateTime>, // REQUIRED
'metricName' => 'TIMEOUTS|RETRANSMISSIONS|DATA_TRANSFERRED', // REQUIRED
'scopeId' => '<string>', // REQUIRED
'startTime' => <integer || string || DateTime>, // REQUIRED
]);
Parameter Details
Members
- destinationCategory
-
- Required: Yes
- Type: string
The destination category for a top contributors. Destination categories can be one of the following:
-
INTRA_AZ: Top contributor network flows within a single Availability Zone -
INTER_AZ: Top contributor network flows between Availability Zones -
INTER_REGION: Top contributor network flows between Regions (to the edge of another Region) -
INTER_VPC: Top contributor network flows between VPCs -
AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services -
UNCLASSIFIED: Top contributor network flows that do not have a bucket classification
- endTime
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The timestamp that is the date and time end of the period that you want to retrieve results for with your query.
- metricName
-
- Required: Yes
- Type: string
The metric that you want to query top contributors for. That is, you can specify this metric to return the top contributor network flows, for this type of metric, for a monitor and (optionally) within a specific category, such as network flows between Availability Zones.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
- startTime
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The timestamp that is the date and time that is the beginning of the period that you want to retrieve results for with your query.
Result Syntax
[
'queryId' => '<string>',
]
Result Details
Members
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
StopQueryMonitorTopContributors
$result = $client->stopQueryMonitorTopContributors([/* ... */]); $promise = $client->stopQueryMonitorTopContributorsAsync([/* ... */]);
Stop a top contributors query for a monitor. Specify the query that you want to stop by providing a query ID and a monitor name.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.
Parameter Syntax
$result = $client->stopQueryMonitorTopContributors([
'monitorName' => '<string>', // REQUIRED
'queryId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to create a query.
Result Syntax
[]
Result Details
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
StopQueryWorkloadInsightsTopContributors
$result = $client->stopQueryWorkloadInsightsTopContributors([/* ... */]); $promise = $client->stopQueryWorkloadInsightsTopContributorsAsync([/* ... */]);
Stop a top contributors query for workload insights. Specify the query that you want to stop by providing a query ID and a scope ID.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.
Parameter Syntax
$result = $client->stopQueryWorkloadInsightsTopContributors([
'queryId' => '<string>', // REQUIRED
'scopeId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to create a query.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
Result Syntax
[]
Result Details
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
StopQueryWorkloadInsightsTopContributorsData
$result = $client->stopQueryWorkloadInsightsTopContributorsData([/* ... */]); $promise = $client->stopQueryWorkloadInsightsTopContributorsDataAsync([/* ... */]);
Stop a top contributors data query for workload insights. Specify the query that you want to stop by providing a query ID and a scope ID.
Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.
Parameter Syntax
$result = $client->stopQueryWorkloadInsightsTopContributorsData([
'queryId' => '<string>', // REQUIRED
'scopeId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- queryId
-
- Required: Yes
- Type: string
The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to create a query.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
Result Syntax
[]
Result Details
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
TagResource
$result = $client->tagResource([/* ... */]); $promise = $client->tagResourceAsync([/* ... */]);
Adds a tag to a resource.
Parameter Syntax
$result = $client->tagResource([
'resourceArn' => '<string>', // REQUIRED
'tags' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the resource.
- tags
-
- Required: Yes
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a resource.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ConflictException:
The requested resource is in use.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
UntagResource
$result = $client->untagResource([/* ... */]); $promise = $client->untagResourceAsync([/* ... */]);
Removes a tag from a resource.
Parameter Syntax
$result = $client->untagResource([
'resourceArn' => '<string>', // REQUIRED
'tagKeys' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the resource.
- tagKeys
-
- Required: Yes
- Type: Array of strings
Keys that you specified when you tagged a resource.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ConflictException:
The requested resource is in use.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
UpdateMonitor
$result = $client->updateMonitor([/* ... */]); $promise = $client->updateMonitorAsync([/* ... */]);
Update a monitor to add or remove local or remote resources.
Parameter Syntax
$result = $client->updateMonitor([
'clientToken' => '<string>',
'localResourcesToAdd' => [
[
'identifier' => '<string>', // REQUIRED
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::Region', // REQUIRED
],
// ...
],
'localResourcesToRemove' => [
[
'identifier' => '<string>', // REQUIRED
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::Region', // REQUIRED
],
// ...
],
'monitorName' => '<string>', // REQUIRED
'remoteResourcesToAdd' => [
[
'identifier' => '<string>', // REQUIRED
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService|AWS::Region', // REQUIRED
],
// ...
],
'remoteResourcesToRemove' => [
[
'identifier' => '<string>', // REQUIRED
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService|AWS::Region', // REQUIRED
],
// ...
],
]);
Parameter Details
Members
- clientToken
-
- Type: string
A unique, case-sensitive string of up to 64 ASCII characters that you specify to make an idempotent API request. Don't reuse the same client token for other API requests.
- localResourcesToAdd
-
- Type: Array of MonitorLocalResource structures
Additional local resources to specify network flows for a monitor, as an array of resources with identifiers and types. A local resource in a workload is the location of hosts where the Network Flow Monitor agent is installed.
- localResourcesToRemove
-
- Type: Array of MonitorLocalResource structures
The local resources to remove, as an array of resources with identifiers and types.
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- remoteResourcesToAdd
-
- Type: Array of MonitorRemoteResource structures
The remote resources to add, as an array of resources with identifiers and types.
A remote resource is the other endpoint in the flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.
- remoteResourcesToRemove
-
- Type: Array of MonitorRemoteResource structures
The remote resources to remove, as an array of resources with identifiers and types.
A remote resource is the other endpoint specified for the network flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.
Result Syntax
[
'createdAt' => <DateTime>,
'localResources' => [
[
'identifier' => '<string>',
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::Region',
],
// ...
],
'modifiedAt' => <DateTime>,
'monitorArn' => '<string>',
'monitorName' => '<string>',
'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
'remoteResources' => [
[
'identifier' => '<string>',
'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService|AWS::Region',
],
// ...
],
'tags' => ['<string>', ...],
]
Result Details
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the monitor was created.
- localResources
-
- Required: Yes
- Type: Array of MonitorLocalResource structures
The local resources to monitor. A local resource in a workload is the location of hosts where the Network Flow Monitor agent is installed.
- modifiedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The last date and time that the monitor was modified.
- monitorArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the monitor.
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- monitorStatus
-
- Required: Yes
- Type: string
The status of a monitor. The status can be one of the following
-
PENDING: The monitor is in the process of being created. -
ACTIVE: The monitor is active. -
INACTIVE: The monitor is inactive. -
ERROR: Monitor creation failed due to an error. -
DELETING: The monitor is in the process of being deleted.
- remoteResources
-
- Required: Yes
- Type: Array of MonitorRemoteResource structures
The remote resources updated for a monitor, as an array of resources with identifiers and types.
A remote resource is the other endpoint specified for the network flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a monitor.
Errors
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
UpdateScope
$result = $client->updateScope([/* ... */]); $promise = $client->updateScopeAsync([/* ... */]);
Update a scope to add or remove resources that you want to be available for Network Flow Monitor to generate metrics for, when you have active agents on those resources sending metrics reports to the Network Flow Monitor backend.
Parameter Syntax
$result = $client->updateScope([
'resourcesToAdd' => [
[
'region' => '<string>', // REQUIRED
'targetIdentifier' => [ // REQUIRED
'targetId' => [ // REQUIRED
'accountId' => '<string>',
],
'targetType' => 'ACCOUNT', // REQUIRED
],
],
// ...
],
'resourcesToDelete' => [
[
'region' => '<string>', // REQUIRED
'targetIdentifier' => [ // REQUIRED
'targetId' => [ // REQUIRED
'accountId' => '<string>',
],
'targetType' => 'ACCOUNT', // REQUIRED
],
],
// ...
],
'scopeId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- resourcesToAdd
-
- Type: Array of TargetResource structures
A list of resources to add to a scope.
- resourcesToDelete
-
- Type: Array of TargetResource structures
A list of resources to delete from a scope.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
Result Syntax
[
'scopeArn' => '<string>',
'scopeId' => '<string>',
'status' => 'SUCCEEDED|IN_PROGRESS|FAILED|DEACTIVATING|DEACTIVATED',
'tags' => ['<string>', ...],
]
Result Details
Members
- scopeArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the scope.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.
- status
-
- Required: Yes
- Type: string
The status for a scope. The status can be one of the following:
SUCCEEDED,IN_PROGRESS,FAILED,DEACTIVATING, orDEACTIVATED.A status of
DEACTIVATINGmeans that you've requested a scope to be deactivated and Network Flow Monitor is in the process of deactivating the scope. A status ofDEACTIVATEDmeans that the deactivating process is complete. - tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags for a scope.
Errors
- ServiceQuotaExceededException:
The request exceeded a service quota.
- ResourceNotFoundException:
The request specifies a resource that doesn't exist.
- ConflictException:
The requested resource is in use.
- ValidationException:
Invalid request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You don't have sufficient permission to perform this action.
- InternalServerException:
An internal error occurred.
Shapes
AccessDeniedException
Description
You don't have sufficient permission to perform this action.
Members
- message
-
- Type: string
ConflictException
Description
The requested resource is in use.
Members
- message
-
- Type: string
InternalServerException
Description
An internal error occurred.
Members
- message
-
- Type: string
KubernetesMetadata
Description
Meta data about Kubernetes resources.
Members
- localPodName
-
- Type: string
The name of the pod for a local resource.
- localPodNamespace
-
- Type: string
The namespace of the pod for a local resource.
- localServiceName
-
- Type: string
The service name for a local resource.
- remotePodName
-
- Type: string
The name of the pod for a remote resource.
- remotePodNamespace
-
- Type: string
The namespace of the pod for a remote resource.
- remoteServiceName
-
- Type: string
The service name for a remote resource.
MonitorLocalResource
Description
A local resource is the host where the agent is installed. Local resources can be a a subnet, a VPC, an Availability Zone, or an Amazon Web Services service.
Members
- identifier
-
- Required: Yes
- Type: string
The identifier of the local resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b.
- type
-
- Required: Yes
- Type: string
The type of the local resource. Valid values are
AWS::EC2::VPCAWS::AvailabilityZone,AWS::EC2::Subnet, orAWS::Region.
MonitorRemoteResource
Description
A remote resource is the other endpoint in a network flow. That is, one endpoint is the local resource and the other is the remote resource. Remote resources can be a a subnet, a VPC, an Availability Zone, an Amazon Web Services service, or an Amazon Web Services Region.
When a remote resource is an Amazon Web Services Region, Network Flow Monitor provides network performance measurements up to the edge of the Region that you specify.
Members
- identifier
-
- Required: Yes
- Type: string
The identifier of the remote resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b. For an Amazon Web Services Region , this identifier is the Region name, for example, us-west-2.
- type
-
- Required: Yes
- Type: string
The type of the remote resource. Valid values are
AWS::EC2::VPCAWS::AvailabilityZone,AWS::EC2::Subnet,AWS::AWSService, orAWS::Region.
MonitorSummary
Description
A summary of information about a monitor, including the ARN, the name, and the status.
Members
- monitorArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the monitor.
- monitorName
-
- Required: Yes
- Type: string
The name of the monitor.
- monitorStatus
-
- Required: Yes
- Type: string
The status of a monitor. The status can be one of the following
-
PENDING: The monitor is in the process of being created. -
ACTIVE: The monitor is active. -
INACTIVE: The monitor is inactive. -
ERROR: Monitor creation failed due to an error. -
DELETING: The monitor is in the process of being deleted.
MonitorTopContributorsRow
Description
A set of information for a top contributor network flow in a monitor. In a monitor, Network Flow Monitor returns information about the network flows for top contributors for each metric. Top contributors are network flows with the top values for each metric type.
Members
- destinationCategory
-
- Type: string
The destination category for a top contributors row. Destination categories can be one of the following:
-
INTRA_AZ: Top contributor network flows within a single Availability Zone -
INTER_AZ: Top contributor network flows between Availability Zones -
INTER_REGION: Top contributor network flows between Regions (to the edge of another Region) -
INTER_VPC: Top contributor network flows between VPCs -
AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services -
UNCLASSIFIED: Top contributor network flows that do not have a bucket classification
- dnatIp
-
- Type: string
The destination network address translation (DNAT) IP address for a top contributor network flow.
- kubernetesMetadata
-
- Type: KubernetesMetadata structure
Meta data about Kubernetes resources.
- localAz
-
- Type: string
The Availability Zone for the local resource for a top contributor network flow.
- localInstanceArn
-
- Type: string
The Amazon Resource Name (ARN) of a local resource.
- localInstanceId
-
- Type: string
The instance identifier for the local resource for a top contributor network flow.
- localIp
-
- Type: string
The IP address of the local resource for a top contributor network flow.
- localRegion
-
- Type: string
The Amazon Web Services Region for the local resource for a top contributor network flow.
- localSubnetArn
-
- Type: string
The Amazon Resource Name (ARN) of a local subnet.
- localSubnetId
-
- Type: string
The subnet ID for the local resource for a top contributor network flow.
- localVpcArn
-
- Type: string
The Amazon Resource Name (ARN) of a local VPC.
- localVpcId
-
- Type: string
The VPC ID for a top contributor network flow for the local resource.
- remoteAz
-
- Type: string
The Availability Zone for the remote resource for a top contributor network flow.
- remoteInstanceArn
-
- Type: string
The Amazon Resource Name (ARN) of a remote resource.
- remoteInstanceId
-
- Type: string
The instance identifier for the remote resource for a top contributor network flow.
- remoteIp
-
- Type: string
The IP address of the remote resource for a top contributor network flow.
- remoteRegion
-
- Type: string
The Amazon Web Services Region for the remote resource for a top contributor network flow.
- remoteSubnetArn
-
- Type: string
The Amazon Resource Name (ARN) of a remote subnet.
- remoteSubnetId
-
- Type: string
The subnet ID for the remote resource for a top contributor network flow.
- remoteVpcArn
-
- Type: string
The Amazon Resource Name (ARN) of a remote VPC.
- remoteVpcId
-
- Type: string
The VPC ID for a top contributor network flow for the remote resource.
- snatIp
-
- Type: string
The secure network address translation (SNAT) IP address for a top contributor network flow.
- targetPort
-
- Type: int
The target port.
- traversedConstructs
-
- Type: Array of TraversedComponent structures
The constructs traversed by a network flow.
- value
-
- Type: long (int|float)
The value of the metric for a top contributor network flow.
ResourceNotFoundException
Description
The request specifies a resource that doesn't exist.
Members
- message
-
- Type: string
ScopeSummary
Description
A summary of information about a scope, including the ARN, target ID, and Amazon Web Services Region.
Members
- scopeArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the scope.
- scopeId
-
- Required: Yes
- Type: string
The identifier for the scope that includes the resources that you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for the accounts in a scope.
- status
-
- Required: Yes
- Type: string
The status for a scope. The status can be one of the following:
SUCCEEDED,IN_PROGRESS,FAILED,DEACTIVATING, orDEACTIVATED.A status of
DEACTIVATINGmeans that you've requested a scope to be deactivated and Network Flow Monitor is in the process of deactivating the scope. A status ofDEACTIVATEDmeans that the deactivating process is complete.
ServiceQuotaExceededException
Description
The request exceeded a service quota.
Members
- message
-
- Type: string
TargetId
Description
A target ID is an internally-generated identifier for a target. A target allows you to identify all the resources in a Network Flow Monitor scope. Currently, a target is always an Amazon Web Services account.
Members
- accountId
-
- Type: string
The identifier for the account for a target.
TargetIdentifier
Description
A target identifier is a pair of identifying information for a scope that is included in a target. A target identifier is made up of a target ID and a target type. Currently the target ID is always an account ID and the target type is always ACCOUNT.
Members
- targetId
-
- Required: Yes
- Type: TargetId structure
The identifier for a target, which is currently always an account ID .
- targetType
-
- Required: Yes
- Type: string
The type of a target. A target type is currently always
ACCOUNT.
TargetResource
Description
A target resource in a scope. The resource is identified by a Region and an account, defined by a target identifier. A target identifier is made up of a target ID (currently always an account ID) and a target type (currently always ACCOUNT).
Members
- region
-
- Required: Yes
- Type: string
The Amazon Web Services Region for the scope.
- targetIdentifier
-
- Required: Yes
- Type: TargetIdentifier structure
A target identifier is a pair of identifying information for a scope. A target identifier is made up of a targetID (currently always an account ID) and a targetType (currently always an account).
ThrottlingException
Description
The request was denied due to request throttling.
Members
- message
-
- Type: string
TraversedComponent
Description
A section of the network that a network flow has traveled through.
Members
- componentArn
-
- Type: string
The Amazon Resource Name (ARN) of a traversed component.
- componentId
-
- Type: string
The identifier for the traversed component.
- componentType
-
- Type: string
The type of component that was traversed.
- serviceName
-
- Type: string
The service name for the traversed component.
ValidationException
Description
Invalid request.
Members
- message
-
- Type: string
WorkloadInsightsTopContributorsDataPoint
Description
A data point for a top contributor network flow in a scope. Network Flow Monitor returns information about the network flows with the top values for each metric type, which are called top contributors.
Members
- label
-
- Required: Yes
- Type: string
The label identifying the data point.
- timestamps
-
- Required: Yes
- Type: Array of timestamp (string|DateTime or anything parsable by strtotime)s
An array of the timestamps for the data point.
- values
-
- Required: Yes
- Type: Array of doubles
The values for the data point.
WorkloadInsightsTopContributorsRow
Description
A row for a top contributor for a scope.
Members
- accountId
-
- Type: string
The account ID for a specific row of data.
- localAz
-
- Type: string
The identifier for the Availability Zone where the local resource is located.
- localRegion
-
- Type: string
The Amazon Web Services Region where the local resource is located.
- localSubnetArn
-
- Type: string
The Amazon Resource Name (ARN) of a local subnet.
- localSubnetId
-
- Type: string
The subnet identifier for the local resource.
- localVpcArn
-
- Type: string
The Amazon Resource Name (ARN) of a local VPC.
- localVpcId
-
- Type: string
The identifier for the VPC for the local resource.
- remoteIdentifier
-
- Type: string
The identifier of a remote resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b. For an Amazon Web Services Region , this identifier is the Region name, for example, us-west-2.
- value
-
- Type: long (int|float)
The value for a metric.