SDK for PHP V3
CloudWatch Observability Admin Service 2018-05-10
- Client: Aws\ObservabilityAdmin\ObservabilityAdminClient
- Service ID: observabilityadmin
- Version: 2018-05-10
This page describes the parameters and results for the operations of the CloudWatch Observability Admin Service (2018-05-10), and shows how to use the Aws\ObservabilityAdmin\ObservabilityAdminClient object to call the described operations. This documentation is specific to the 2018-05-10 API version of the service.
Operation Summary
Each of the following operations can be created from a client using
$client->getCommand('CommandName'), where "CommandName" is the
name of one of the following operations. Note: a command is a value that
encapsulates an operation and the parameters used to create an HTTP request.
You can also create and send a command immediately using the magic methods
available on a client object: $client->commandName(/* parameters */).
You can send the command asynchronously (returning a promise) by appending the
word "Async" to the operation name: $client->commandNameAsync(/* parameters */).
- CreateCentralizationRuleForOrganization ( array $params = [] )
- Creates a centralization rule that applies across an Amazon Web Services Organization.
- CreateS3TableIntegration ( array $params = [] )
- Creates an integration between CloudWatch and S3 Tables for analytics.
- CreateTelemetryPipeline ( array $params = [] )
- Creates a telemetry pipeline for processing and transforming telemetry data.
- CreateTelemetryRule ( array $params = [] )
- Creates a telemetry rule that defines how telemetry should be configured for Amazon Web Services resources in your account.
- CreateTelemetryRuleForOrganization ( array $params = [] )
- Creates a telemetry rule that applies across an Amazon Web Services Organization.
- DeleteCentralizationRuleForOrganization ( array $params = [] )
- Deletes an organization-wide centralization rule.
- DeleteS3TableIntegration ( array $params = [] )
- Deletes an S3 Table integration and its associated data.
- DeleteTelemetryPipeline ( array $params = [] )
- Deletes a telemetry pipeline and its associated resources.
- DeleteTelemetryRule ( array $params = [] )
- Deletes a telemetry rule from your account.
- DeleteTelemetryRuleForOrganization ( array $params = [] )
- Deletes an organization-wide telemetry rule.
- GetCentralizationRuleForOrganization ( array $params = [] )
- Retrieves the details of a specific organization centralization rule.
- GetS3TableIntegration ( array $params = [] )
- Retrieves information about a specific S3 Table integration, including its configuration, status, and metadata.
- GetTelemetryEnrichmentStatus ( array $params = [] )
- Returns the current status of the resource tags for telemetry feature, which enhances telemetry data with additional resource metadata from Resource Explorer.
- GetTelemetryEvaluationStatus ( array $params = [] )
- Returns the current onboarding status of the telemetry config feature, including the status of the feature and reason the feature failed to start or stop.
- GetTelemetryEvaluationStatusForOrganization ( array $params = [] )
- This returns the onboarding status of the telemetry configuration feature for the organization.
- GetTelemetryPipeline ( array $params = [] )
- Retrieves information about a specific telemetry pipeline, including its configuration, status, and metadata.
- GetTelemetryRule ( array $params = [] )
- Retrieves the details of a specific telemetry rule in your account.
- GetTelemetryRuleForOrganization ( array $params = [] )
- Retrieves the details of a specific organization telemetry rule.
- ListCentralizationRulesForOrganization ( array $params = [] )
- Lists all centralization rules in your organization.
- ListResourceTelemetry ( array $params = [] )
- Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config.
- ListResourceTelemetryForOrganization ( array $params = [] )
- Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config in the organization.
- ListS3TableIntegrations ( array $params = [] )
- Lists all S3 Table integrations in your account.
- ListTagsForResource ( array $params = [] )
- Lists all tags attached to the specified resource.
- ListTelemetryPipelines ( array $params = [] )
- Returns a list of telemetry pipelines in your account.
- ListTelemetryRules ( array $params = [] )
- Lists all telemetry rules in your account.
- ListTelemetryRulesForOrganization ( array $params = [] )
- Lists all telemetry rules in your organization.
- StartTelemetryEnrichment ( array $params = [] )
- Enables the resource tags for telemetry feature for your account, which enhances telemetry data with additional resource metadata from Resource Explorer to provide richer context for monitoring and observability.
- StartTelemetryEvaluation ( array $params = [] )
- This action begins onboarding the caller Amazon Web Services account to the telemetry config feature.
- StartTelemetryEvaluationForOrganization ( array $params = [] )
- This actions begins onboarding the organization and all member accounts to the telemetry config feature.
- StopTelemetryEnrichment ( array $params = [] )
- Disables the resource tags for telemetry feature for your account, stopping the enhancement of telemetry data with additional resource metadata.
- StopTelemetryEvaluation ( array $params = [] )
- This action begins offboarding the caller Amazon Web Services account from the telemetry config feature.
- StopTelemetryEvaluationForOrganization ( array $params = [] )
- This action offboards the Organization of the caller Amazon Web Services account from the telemetry config feature.
- TagResource ( array $params = [] )
- Adds or updates tags for a resource.
- TestTelemetryPipeline ( array $params = [] )
- Tests a pipeline configuration with sample records to validate data processing before deployment.
- UntagResource ( array $params = [] )
- Removes tags from a resource.
- UpdateCentralizationRuleForOrganization ( array $params = [] )
- Updates an existing centralization rule that applies across an Amazon Web Services Organization.
- UpdateTelemetryPipeline ( array $params = [] )
- Updates the configuration of an existing telemetry pipeline.
- UpdateTelemetryRule ( array $params = [] )
- Updates an existing telemetry rule in your account.
- UpdateTelemetryRuleForOrganization ( array $params = [] )
- Updates an existing telemetry rule that applies across an Amazon Web Services Organization.
- ValidateTelemetryPipelineConfiguration ( array $params = [] )
- Validates a pipeline configuration without creating the pipeline.
Paginators
Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:
- ListCentralizationRulesForOrganization
- ListResourceTelemetry
- ListResourceTelemetryForOrganization
- ListS3TableIntegrations
- ListTelemetryPipelines
- ListTelemetryRules
- ListTelemetryRulesForOrganization
Operations
CreateCentralizationRuleForOrganization
$result = $client->createCentralizationRuleForOrganization([/* ... */]); $promise = $client->createCentralizationRuleForOrganizationAsync([/* ... */]);
Creates a centralization rule that applies across an Amazon Web Services Organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->createCentralizationRuleForOrganization([
'Rule' => [ // REQUIRED
'Destination' => [ // REQUIRED
'Account' => '<string>',
'DestinationLogsConfiguration' => [
'BackupConfiguration' => [
'KmsKeyArn' => '<string>',
'Region' => '<string>', // REQUIRED
],
'LogsEncryptionConfiguration' => [
'EncryptionConflictResolutionStrategy' => 'ALLOW|SKIP',
'EncryptionStrategy' => 'CUSTOMER_MANAGED|AWS_OWNED', // REQUIRED
'KmsKeyArn' => '<string>',
],
],
'Region' => '<string>', // REQUIRED
],
'Source' => [ // REQUIRED
'Regions' => ['<string>', ...], // REQUIRED
'Scope' => '<string>',
'SourceLogsConfiguration' => [
'EncryptedLogGroupStrategy' => 'ALLOW|SKIP', // REQUIRED
'LogGroupSelectionCriteria' => '<string>', // REQUIRED
],
],
],
'RuleName' => '<string>', // REQUIRED
'Tags' => ['<string>', ...],
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: CentralizationRule structure
The configuration details for the organization-wide centralization rule, including the source configuration and the destination configuration to centralize telemetry data across the organization.
- RuleName
-
- Required: Yes
- Type: string
A unique name for the organization-wide centralization rule being created.
- Tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to associate with the organization telemetry rule resource for categorization and management purposes.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the created organization centralization rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
CreateS3TableIntegration
$result = $client->createS3TableIntegration([/* ... */]); $promise = $client->createS3TableIntegrationAsync([/* ... */]);
Creates an integration between CloudWatch and S3 Tables for analytics. This integration enables querying CloudWatch telemetry data using analytics engines like Amazon Athena, Amazon Redshift, and Apache Spark.
Parameter Syntax
$result = $client->createS3TableIntegration([
'Encryption' => [ // REQUIRED
'KmsKeyArn' => '<string>',
'SseAlgorithm' => 'aws:kms|AES256', // REQUIRED
],
'RoleArn' => '<string>', // REQUIRED
'Tags' => ['<string>', ...],
]);
Parameter Details
Members
- Encryption
-
- Required: Yes
- Type: Encryption structure
The encryption configuration for the S3 Table integration, including the encryption algorithm and KMS key settings.
- RoleArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the IAM role that grants permissions for the S3 Table integration to access necessary resources.
- Tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to associate with the S3 Table integration resource for categorization and management purposes.
Result Syntax
[
'Arn' => '<string>',
]
Result Details
Members
- Arn
-
- Type: string
The Amazon Resource Name (ARN) of the created S3 Table integration.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
CreateTelemetryPipeline
$result = $client->createTelemetryPipeline([/* ... */]); $promise = $client->createTelemetryPipelineAsync([/* ... */]);
Creates a telemetry pipeline for processing and transforming telemetry data. The pipeline defines how data flows from sources through processors to destinations, enabling data transformation and delivering capabilities.
Parameter Syntax
$result = $client->createTelemetryPipeline([
'Configuration' => [ // REQUIRED
'Body' => '<string>', // REQUIRED
],
'Name' => '<string>', // REQUIRED
'Tags' => ['<string>', ...],
]);
Parameter Details
Members
- Configuration
-
- Required: Yes
- Type: TelemetryPipelineConfiguration structure
The configuration that defines how the telemetry pipeline processes data, including sources, processors, and destinations. For more information about pipeline components, see the Amazon CloudWatch User Guide
- Name
-
- Required: Yes
- Type: string
The name of the telemetry pipeline to create. The name must be unique within your account.
- Tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to associate with the telemetry pipeline resource for categorization and management purposes.
Result Syntax
[
'Arn' => '<string>',
]
Result Details
Members
- Arn
-
- Type: string
The Amazon Resource Name (ARN) of the created telemetry pipeline.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
CreateTelemetryRule
$result = $client->createTelemetryRule([/* ... */]); $promise = $client->createTelemetryRuleAsync([/* ... */]);
Creates a telemetry rule that defines how telemetry should be configured for Amazon Web Services resources in your account. The rule specifies which resources should have telemetry enabled and how that telemetry data should be collected based on resource type, telemetry type, and selection criteria.
Parameter Syntax
$result = $client->createTelemetryRule([
'Rule' => [ // REQUIRED
'DestinationConfiguration' => [
'CloudtrailParameters' => [
'AdvancedEventSelectors' => [ // REQUIRED
[
'FieldSelectors' => [ // REQUIRED
[
'EndsWith' => ['<string>', ...],
'Equals' => ['<string>', ...],
'Field' => '<string>', // REQUIRED
'NotEndsWith' => ['<string>', ...],
'NotEquals' => ['<string>', ...],
'NotStartsWith' => ['<string>', ...],
'StartsWith' => ['<string>', ...],
],
// ...
],
'Name' => '<string>',
],
// ...
],
],
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'ELBLoadBalancerLoggingParameters' => [
'FieldDelimiter' => '<string>',
'OutputFormat' => 'plain|json',
],
'LogDeliveryParameters' => [
'LogTypes' => ['<string>', ...],
],
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
'WAFLoggingParameters' => [
'LogType' => 'WAF_LOGS',
'LoggingFilter' => [
'DefaultBehavior' => 'KEEP|DROP',
'Filters' => [
[
'Behavior' => 'KEEP|DROP',
'Conditions' => [
[
'ActionCondition' => [
'Action' => 'ALLOW|BLOCK|COUNT|CAPTCHA|CHALLENGE|EXCLUDED_AS_COUNT',
],
'LabelNameCondition' => [
'LabelName' => '<string>',
],
],
// ...
],
'Requirement' => 'MEETS_ALL|MEETS_ANY',
],
// ...
],
],
'RedactedFields' => [
[
'Method' => '<string>',
'QueryString' => '<string>',
'SingleHeader' => [
'Name' => '<string>',
],
'UriPath' => '<string>',
],
// ...
],
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetrySourceTypes' => ['<string>', ...],
'TelemetryType' => 'Logs|Metrics|Traces', // REQUIRED
],
'RuleName' => '<string>', // REQUIRED
'Tags' => ['<string>', ...],
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: TelemetryRule structure
The configuration details for the telemetry rule, including the resource type, telemetry type, destination configuration, and selection criteria for which resources the rule applies to.
- RuleName
-
- Required: Yes
- Type: string
A unique name for the telemetry rule being created.
- Tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to associate with the telemetry rule resource for categorization and management purposes.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the created telemetry rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
CreateTelemetryRuleForOrganization
$result = $client->createTelemetryRuleForOrganization([/* ... */]); $promise = $client->createTelemetryRuleForOrganizationAsync([/* ... */]);
Creates a telemetry rule that applies across an Amazon Web Services Organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->createTelemetryRuleForOrganization([
'Rule' => [ // REQUIRED
'DestinationConfiguration' => [
'CloudtrailParameters' => [
'AdvancedEventSelectors' => [ // REQUIRED
[
'FieldSelectors' => [ // REQUIRED
[
'EndsWith' => ['<string>', ...],
'Equals' => ['<string>', ...],
'Field' => '<string>', // REQUIRED
'NotEndsWith' => ['<string>', ...],
'NotEquals' => ['<string>', ...],
'NotStartsWith' => ['<string>', ...],
'StartsWith' => ['<string>', ...],
],
// ...
],
'Name' => '<string>',
],
// ...
],
],
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'ELBLoadBalancerLoggingParameters' => [
'FieldDelimiter' => '<string>',
'OutputFormat' => 'plain|json',
],
'LogDeliveryParameters' => [
'LogTypes' => ['<string>', ...],
],
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
'WAFLoggingParameters' => [
'LogType' => 'WAF_LOGS',
'LoggingFilter' => [
'DefaultBehavior' => 'KEEP|DROP',
'Filters' => [
[
'Behavior' => 'KEEP|DROP',
'Conditions' => [
[
'ActionCondition' => [
'Action' => 'ALLOW|BLOCK|COUNT|CAPTCHA|CHALLENGE|EXCLUDED_AS_COUNT',
],
'LabelNameCondition' => [
'LabelName' => '<string>',
],
],
// ...
],
'Requirement' => 'MEETS_ALL|MEETS_ANY',
],
// ...
],
],
'RedactedFields' => [
[
'Method' => '<string>',
'QueryString' => '<string>',
'SingleHeader' => [
'Name' => '<string>',
],
'UriPath' => '<string>',
],
// ...
],
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetrySourceTypes' => ['<string>', ...],
'TelemetryType' => 'Logs|Metrics|Traces', // REQUIRED
],
'RuleName' => '<string>', // REQUIRED
'Tags' => ['<string>', ...],
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: TelemetryRule structure
The configuration details for the organization-wide telemetry rule, including the resource type, telemetry type, destination configuration, and selection criteria for which resources the rule applies to across the organization.
- RuleName
-
- Required: Yes
- Type: string
A unique name for the organization-wide telemetry rule being created.
- Tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to associate with the organization telemetry rule resource for categorization and management purposes.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the created organization telemetry rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
DeleteCentralizationRuleForOrganization
$result = $client->deleteCentralizationRuleForOrganization([/* ... */]); $promise = $client->deleteCentralizationRuleForOrganizationAsync([/* ... */]);
Deletes an organization-wide centralization rule. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->deleteCentralizationRuleForOrganization([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization centralization rule to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
DeleteS3TableIntegration
$result = $client->deleteS3TableIntegration([/* ... */]); $promise = $client->deleteS3TableIntegrationAsync([/* ... */]);
Deletes an S3 Table integration and its associated data. This operation removes the connection between CloudWatch Observability Admin and S3 Tables.
Parameter Syntax
$result = $client->deleteS3TableIntegration([
'Arn' => '<string>', // REQUIRED
]);
Parameter Details
Members
- Arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the S3 Table integration to delete.
Result Syntax
[]
Result Details
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- InvalidStateException:
The requested operation cannot be completed on the specified resource in the current state.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
DeleteTelemetryPipeline
$result = $client->deleteTelemetryPipeline([/* ... */]); $promise = $client->deleteTelemetryPipelineAsync([/* ... */]);
Deletes a telemetry pipeline and its associated resources. This operation stops data processing and removes the pipeline configuration.
Parameter Syntax
$result = $client->deleteTelemetryPipeline([
'PipelineIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- PipelineIdentifier
-
- Required: Yes
- Type: string
The ARN of the telemetry pipeline to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
DeleteTelemetryRule
$result = $client->deleteTelemetryRule([/* ... */]); $promise = $client->deleteTelemetryRuleAsync([/* ... */]);
Deletes a telemetry rule from your account. Any telemetry configurations previously created by the rule will remain but no new resources will be configured by this rule.
Parameter Syntax
$result = $client->deleteTelemetryRule([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the telemetry rule to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
DeleteTelemetryRuleForOrganization
$result = $client->deleteTelemetryRuleForOrganization([/* ... */]); $promise = $client->deleteTelemetryRuleForOrganizationAsync([/* ... */]);
Deletes an organization-wide telemetry rule. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->deleteTelemetryRuleForOrganization([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization telemetry rule to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetCentralizationRuleForOrganization
$result = $client->getCentralizationRuleForOrganization([/* ... */]); $promise = $client->getCentralizationRuleForOrganizationAsync([/* ... */]);
Retrieves the details of a specific organization centralization rule. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->getCentralizationRuleForOrganization([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization centralization rule to retrieve.
Result Syntax
[
'CentralizationRule' => [
'Destination' => [
'Account' => '<string>',
'DestinationLogsConfiguration' => [
'BackupConfiguration' => [
'KmsKeyArn' => '<string>',
'Region' => '<string>',
],
'LogsEncryptionConfiguration' => [
'EncryptionConflictResolutionStrategy' => 'ALLOW|SKIP',
'EncryptionStrategy' => 'CUSTOMER_MANAGED|AWS_OWNED',
'KmsKeyArn' => '<string>',
],
],
'Region' => '<string>',
],
'Source' => [
'Regions' => ['<string>', ...],
'Scope' => '<string>',
'SourceLogsConfiguration' => [
'EncryptedLogGroupStrategy' => 'ALLOW|SKIP',
'LogGroupSelectionCriteria' => '<string>',
],
],
],
'CreatedRegion' => '<string>',
'CreatedTimeStamp' => <integer>,
'CreatorAccountId' => '<string>',
'FailureReason' => 'TRUSTED_ACCESS_NOT_ENABLED|DESTINATION_ACCOUNT_NOT_IN_ORGANIZATION|INTERNAL_SERVER_ERROR',
'LastUpdateTimeStamp' => <integer>,
'RuleArn' => '<string>',
'RuleHealth' => 'Healthy|Unhealthy|Provisioning',
'RuleName' => '<string>',
]
Result Details
Members
- CentralizationRule
-
- Type: CentralizationRule structure
The configuration details for the organization centralization rule.
- CreatedRegion
-
- Type: string
The Amazon Web Services region where the organization centralization rule was created.
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the organization centralization rule was created.
- CreatorAccountId
-
- Type: string
The Amazon Web Services Account that created the organization centralization rule.
- FailureReason
-
- Type: string
The reason why an organization centralization rule is marked UNHEALTHY.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the organization centralization rule was last updated.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the organization centralization rule.
- RuleHealth
-
- Type: string
The health status of the organization centralization rule.
- RuleName
-
- Type: string
The name of the organization centralization rule.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetS3TableIntegration
$result = $client->getS3TableIntegration([/* ... */]); $promise = $client->getS3TableIntegrationAsync([/* ... */]);
Retrieves information about a specific S3 Table integration, including its configuration, status, and metadata.
Parameter Syntax
$result = $client->getS3TableIntegration([
'Arn' => '<string>', // REQUIRED
]);
Parameter Details
Members
- Arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the S3 Table integration to retrieve.
Result Syntax
[
'Arn' => '<string>',
'CreatedTimeStamp' => <integer>,
'DestinationTableBucketArn' => '<string>',
'Encryption' => [
'KmsKeyArn' => '<string>',
'SseAlgorithm' => 'aws:kms|AES256',
],
'RoleArn' => '<string>',
'Status' => 'ACTIVE|DELETING',
]
Result Details
Members
- Arn
-
- Type: string
The Amazon Resource Name (ARN) of the S3 Table integration.
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the S3 Table integration was created.
- DestinationTableBucketArn
-
- Type: string
The Amazon Resource Name (ARN) of the S3 bucket used as the destination for the table data.
- Encryption
-
- Type: Encryption structure
The encryption configuration for the S3 Table integration.
- RoleArn
-
- Type: string
The Amazon Resource Name (ARN) of the IAM role used by the S3 Table integration.
- Status
-
- Type: string
The current status of the S3 Table integration.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryEnrichmentStatus
$result = $client->getTelemetryEnrichmentStatus([/* ... */]); $promise = $client->getTelemetryEnrichmentStatusAsync([/* ... */]);
Returns the current status of the resource tags for telemetry feature, which enhances telemetry data with additional resource metadata from Resource Explorer.
Parameter Syntax
$result = $client->getTelemetryEnrichmentStatus([ ]);
Parameter Details
Members
Result Syntax
[
'AwsResourceExplorerManagedViewArn' => '<string>',
'Status' => 'Running|Stopped|Impaired',
]
Result Details
Members
- AwsResourceExplorerManagedViewArn
-
- Type: string
The Amazon Resource Name (ARN) of the Resource Explorer managed view used for resource tags for telemetry, if the feature is enabled.
- Status
-
- Type: string
The current status of the resource tags for telemetry feature (
Running,Stopped, orImpaired).
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryEvaluationStatus
$result = $client->getTelemetryEvaluationStatus([/* ... */]); $promise = $client->getTelemetryEvaluationStatusAsync([/* ... */]);
Returns the current onboarding status of the telemetry config feature, including the status of the feature and reason the feature failed to start or stop.
Parameter Syntax
$result = $client->getTelemetryEvaluationStatus([ ]);
Parameter Details
Members
Result Syntax
[
'FailureReason' => '<string>',
'Status' => 'NOT_STARTED|STARTING|FAILED_START|RUNNING|STOPPING|FAILED_STOP|STOPPED',
]
Result Details
Members
- FailureReason
-
- Type: string
Describes the reason for the failure status. The field will only be populated if
StatusisFAILED_STARTorFAILED_STOP. - Status
-
- Type: string
The onboarding status of the telemetry config feature.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryEvaluationStatusForOrganization
$result = $client->getTelemetryEvaluationStatusForOrganization([/* ... */]); $promise = $client->getTelemetryEvaluationStatusForOrganizationAsync([/* ... */]);
This returns the onboarding status of the telemetry configuration feature for the organization. It can only be called by a Management Account of an Amazon Web Services Organization or an assigned Delegated Admin Account of Amazon CloudWatch telemetry config.
Parameter Syntax
$result = $client->getTelemetryEvaluationStatusForOrganization([ ]);
Parameter Details
Members
Result Syntax
[
'FailureReason' => '<string>',
'Status' => 'NOT_STARTED|STARTING|FAILED_START|RUNNING|STOPPING|FAILED_STOP|STOPPED',
]
Result Details
Members
- FailureReason
-
- Type: string
This field describes the reason for the failure status. The field will only be populated if
StatusisFAILED_STARTorFAILED_STOP. - Status
-
- Type: string
The onboarding status of the telemetry config feature for the organization.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryPipeline
$result = $client->getTelemetryPipeline([/* ... */]); $promise = $client->getTelemetryPipelineAsync([/* ... */]);
Retrieves information about a specific telemetry pipeline, including its configuration, status, and metadata.
Parameter Syntax
$result = $client->getTelemetryPipeline([
'PipelineIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- PipelineIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the telemetry pipeline to retrieve.
Result Syntax
[
'Pipeline' => [
'Arn' => '<string>',
'Configuration' => [
'Body' => '<string>',
],
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'Name' => '<string>',
'Status' => 'CREATING|ACTIVE|UPDATING|DELETING|CREATE_FAILED|UPDATE_FAILED',
'StatusReason' => [
'Description' => '<string>',
],
'Tags' => ['<string>', ...],
],
]
Result Details
Members
- Pipeline
-
- Type: TelemetryPipeline structure
The complete telemetry pipeline resource information, including configuration, status, and metadata.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryRule
$result = $client->getTelemetryRule([/* ... */]); $promise = $client->getTelemetryRuleAsync([/* ... */]);
Retrieves the details of a specific telemetry rule in your account.
Parameter Syntax
$result = $client->getTelemetryRule([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the telemetry rule to retrieve.
Result Syntax
[
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'RuleArn' => '<string>',
'RuleName' => '<string>',
'TelemetryRule' => [
'DestinationConfiguration' => [
'CloudtrailParameters' => [
'AdvancedEventSelectors' => [
[
'FieldSelectors' => [
[
'EndsWith' => ['<string>', ...],
'Equals' => ['<string>', ...],
'Field' => '<string>',
'NotEndsWith' => ['<string>', ...],
'NotEquals' => ['<string>', ...],
'NotStartsWith' => ['<string>', ...],
'StartsWith' => ['<string>', ...],
],
// ...
],
'Name' => '<string>',
],
// ...
],
],
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'ELBLoadBalancerLoggingParameters' => [
'FieldDelimiter' => '<string>',
'OutputFormat' => 'plain|json',
],
'LogDeliveryParameters' => [
'LogTypes' => ['<string>', ...],
],
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
'WAFLoggingParameters' => [
'LogType' => 'WAF_LOGS',
'LoggingFilter' => [
'DefaultBehavior' => 'KEEP|DROP',
'Filters' => [
[
'Behavior' => 'KEEP|DROP',
'Conditions' => [
[
'ActionCondition' => [
'Action' => 'ALLOW|BLOCK|COUNT|CAPTCHA|CHALLENGE|EXCLUDED_AS_COUNT',
],
'LabelNameCondition' => [
'LabelName' => '<string>',
],
],
// ...
],
'Requirement' => 'MEETS_ALL|MEETS_ANY',
],
// ...
],
],
'RedactedFields' => [
[
'Method' => '<string>',
'QueryString' => '<string>',
'SingleHeader' => [
'Name' => '<string>',
],
'UriPath' => '<string>',
],
// ...
],
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetrySourceTypes' => ['<string>', ...],
'TelemetryType' => 'Logs|Metrics|Traces',
],
]
Result Details
Members
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry rule was created.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry rule was last updated.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule.
- RuleName
-
- Type: string
The name of the telemetry rule.
- TelemetryRule
-
- Type: TelemetryRule structure
The configuration details of the telemetry rule.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryRuleForOrganization
$result = $client->getTelemetryRuleForOrganization([/* ... */]); $promise = $client->getTelemetryRuleForOrganizationAsync([/* ... */]);
Retrieves the details of a specific organization telemetry rule. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->getTelemetryRuleForOrganization([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization telemetry rule to retrieve.
Result Syntax
[
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'RuleArn' => '<string>',
'RuleName' => '<string>',
'TelemetryRule' => [
'DestinationConfiguration' => [
'CloudtrailParameters' => [
'AdvancedEventSelectors' => [
[
'FieldSelectors' => [
[
'EndsWith' => ['<string>', ...],
'Equals' => ['<string>', ...],
'Field' => '<string>',
'NotEndsWith' => ['<string>', ...],
'NotEquals' => ['<string>', ...],
'NotStartsWith' => ['<string>', ...],
'StartsWith' => ['<string>', ...],
],
// ...
],
'Name' => '<string>',
],
// ...
],
],
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'ELBLoadBalancerLoggingParameters' => [
'FieldDelimiter' => '<string>',
'OutputFormat' => 'plain|json',
],
'LogDeliveryParameters' => [
'LogTypes' => ['<string>', ...],
],
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
'WAFLoggingParameters' => [
'LogType' => 'WAF_LOGS',
'LoggingFilter' => [
'DefaultBehavior' => 'KEEP|DROP',
'Filters' => [
[
'Behavior' => 'KEEP|DROP',
'Conditions' => [
[
'ActionCondition' => [
'Action' => 'ALLOW|BLOCK|COUNT|CAPTCHA|CHALLENGE|EXCLUDED_AS_COUNT',
],
'LabelNameCondition' => [
'LabelName' => '<string>',
],
],
// ...
],
'Requirement' => 'MEETS_ALL|MEETS_ANY',
],
// ...
],
],
'RedactedFields' => [
[
'Method' => '<string>',
'QueryString' => '<string>',
'SingleHeader' => [
'Name' => '<string>',
],
'UriPath' => '<string>',
],
// ...
],
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetrySourceTypes' => ['<string>', ...],
'TelemetryType' => 'Logs|Metrics|Traces',
],
]
Result Details
Members
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the organization telemetry rule was created.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the organization telemetry rule was last updated.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the organization telemetry rule.
- RuleName
-
- Type: string
The name of the organization telemetry rule.
- TelemetryRule
-
- Type: TelemetryRule structure
The configuration details of the organization telemetry rule.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListCentralizationRulesForOrganization
$result = $client->listCentralizationRulesForOrganization([/* ... */]); $promise = $client->listCentralizationRulesForOrganizationAsync([/* ... */]);
Lists all centralization rules in your organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->listCentralizationRulesForOrganization([
'AllRegions' => true || false,
'MaxResults' => <integer>,
'NextToken' => '<string>',
'RuleNamePrefix' => '<string>',
]);
Parameter Details
Members
- AllRegions
-
- Type: boolean
A flag determining whether to return organization centralization rules from all regions or only the current region.
- MaxResults
-
- Type: int
The maximum number of organization centralization rules to return in a single call.
- NextToken
-
- Type: string
The token for the next set of results. A previous call generates this token.
- RuleNamePrefix
-
- Type: string
A string to filter organization centralization rules whose names begin with the specified prefix.
Result Syntax
[
'CentralizationRuleSummaries' => [
[
'CreatedRegion' => '<string>',
'CreatedTimeStamp' => <integer>,
'CreatorAccountId' => '<string>',
'DestinationAccountId' => '<string>',
'DestinationRegion' => '<string>',
'FailureReason' => 'TRUSTED_ACCESS_NOT_ENABLED|DESTINATION_ACCOUNT_NOT_IN_ORGANIZATION|INTERNAL_SERVER_ERROR',
'LastUpdateTimeStamp' => <integer>,
'RuleArn' => '<string>',
'RuleHealth' => 'Healthy|Unhealthy|Provisioning',
'RuleName' => '<string>',
],
// ...
],
'NextToken' => '<string>',
]
Result Details
Members
- CentralizationRuleSummaries
-
- Type: Array of CentralizationRuleSummary structures
A list of centralization rule summaries.
- NextToken
-
- Type: string
A token to resume pagination of results.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListResourceTelemetry
$result = $client->listResourceTelemetry([/* ... */]); $promise = $client->listResourceTelemetryAsync([/* ... */]);
Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config. For more information, see Auditing CloudWatch telemetry configurations.
Parameter Syntax
$result = $client->listResourceTelemetry([
'MaxResults' => <integer>,
'NextToken' => '<string>',
'ResourceIdentifierPrefix' => '<string>',
'ResourceTags' => ['<string>', ...],
'ResourceTypes' => ['<string>', ...],
'TelemetryConfigurationState' => ['<string>', ...],
]);
Parameter Details
Members
- MaxResults
-
- Type: int
A number field used to limit the number of results within the returned list.
- NextToken
-
- Type: string
The token for the next set of items to return. A previous call generates this token.
- ResourceIdentifierPrefix
-
- Type: string
A string used to filter resources which have a
ResourceIdentifierstarting with theResourceIdentifierPrefix. - ResourceTags
-
- Type: Associative array of custom strings keys (TagKey) to strings
A key-value pair to filter resources based on tags associated with the resource. For more information about tags, see What are tags?
- ResourceTypes
-
- Type: Array of strings
A list of resource types used to filter resources supported by telemetry config. If this parameter is provided, the resources will be returned in the same order used in the request.
- TelemetryConfigurationState
-
- Type: Associative array of custom strings keys (TelemetryType) to strings
A key-value pair to filter resources based on the telemetry type and the state of the telemetry configuration. The key is the telemetry type and the value is the state.
Result Syntax
[
'NextToken' => '<string>',
'TelemetryConfigurations' => [
[
'AccountIdentifier' => '<string>',
'LastUpdateTimeStamp' => <integer>,
'ResourceIdentifier' => '<string>',
'ResourceTags' => ['<string>', ...],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'TelemetryConfigurationState' => ['<string>', ...],
],
// ...
],
]
Result Details
Members
- NextToken
-
- Type: string
The token for the next set of items to return. A previous call generates this token.
- TelemetryConfigurations
-
- Type: Array of TelemetryConfiguration structures
A list of telemetry configurations for Amazon Web Services resources supported by telemetry config in the caller's account.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListResourceTelemetryForOrganization
$result = $client->listResourceTelemetryForOrganization([/* ... */]); $promise = $client->listResourceTelemetryForOrganizationAsync([/* ... */]);
Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config in the organization.
Parameter Syntax
$result = $client->listResourceTelemetryForOrganization([
'AccountIdentifiers' => ['<string>', ...],
'MaxResults' => <integer>,
'NextToken' => '<string>',
'ResourceIdentifierPrefix' => '<string>',
'ResourceTags' => ['<string>', ...],
'ResourceTypes' => ['<string>', ...],
'TelemetryConfigurationState' => ['<string>', ...],
]);
Parameter Details
Members
- AccountIdentifiers
-
- Type: Array of strings
A list of Amazon Web Services accounts used to filter the resources to those associated with the specified accounts.
- MaxResults
-
- Type: int
A number field used to limit the number of results within the returned list.
- NextToken
-
- Type: string
The token for the next set of items to return. A previous call provides this token.
- ResourceIdentifierPrefix
-
- Type: string
A string used to filter resources in the organization which have a
ResourceIdentifierstarting with theResourceIdentifierPrefix. - ResourceTags
-
- Type: Associative array of custom strings keys (TagKey) to strings
A key-value pair to filter resources in the organization based on tags associated with the resource. Fore more information about tags, see What are tags?
- ResourceTypes
-
- Type: Array of strings
A list of resource types used to filter resources in the organization. If this parameter is provided, the resources will be returned in the same order used in the request.
- TelemetryConfigurationState
-
- Type: Associative array of custom strings keys (TelemetryType) to strings
A key-value pair to filter resources in the organization based on the telemetry type and the state of the telemetry configuration. The key is the telemetry type and the value is the state.
Result Syntax
[
'NextToken' => '<string>',
'TelemetryConfigurations' => [
[
'AccountIdentifier' => '<string>',
'LastUpdateTimeStamp' => <integer>,
'ResourceIdentifier' => '<string>',
'ResourceTags' => ['<string>', ...],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'TelemetryConfigurationState' => ['<string>', ...],
],
// ...
],
]
Result Details
Members
- NextToken
-
- Type: string
The token for the next set of items to return. A previous call provides this token.
- TelemetryConfigurations
-
- Type: Array of TelemetryConfiguration structures
A list of telemetry configurations for Amazon Web Services resources supported by telemetry config in the organization.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListS3TableIntegrations
$result = $client->listS3TableIntegrations([/* ... */]); $promise = $client->listS3TableIntegrationsAsync([/* ... */]);
Lists all S3 Table integrations in your account. We recommend using pagination to ensure that the operation returns quickly and successfully.
Parameter Syntax
$result = $client->listS3TableIntegrations([
'MaxResults' => <integer>,
'NextToken' => '<string>',
]);
Parameter Details
Members
- MaxResults
-
- Type: int
The maximum number of S3 Table integrations to return in a single call.
- NextToken
-
- Type: string
The token for the next set of results. A previous call generates this token.
Result Syntax
[
'IntegrationSummaries' => [
[
'Arn' => '<string>',
'Status' => 'ACTIVE|DELETING',
],
// ...
],
'NextToken' => '<string>',
]
Result Details
Members
- IntegrationSummaries
-
- Type: Array of IntegrationSummary structures
A list of S3 Table integration summaries containing key information about each integration.
- NextToken
-
- Type: string
A token to resume pagination of results.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListTagsForResource
$result = $client->listTagsForResource([/* ... */]); $promise = $client->listTagsForResourceAsync([/* ... */]);
Lists all tags attached to the specified resource. Supports telemetry rule resources and telemetry pipeline resources.
Parameter Syntax
$result = $client->listTagsForResource([
'ResourceARN' => '<string>', // REQUIRED
]);
Parameter Details
Members
- ResourceARN
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule resource whose tags you want to list.
Result Syntax
[
'Tags' => ['<string>', ...],
]
Result Details
Members
- Tags
-
- Required: Yes
- Type: Associative array of custom strings keys (String) to strings
The list of tags associated with the telemetry rule resource.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListTelemetryPipelines
$result = $client->listTelemetryPipelines([/* ... */]); $promise = $client->listTelemetryPipelinesAsync([/* ... */]);
Returns a list of telemetry pipelines in your account. Returns up to 100 results. If more than 100 telemetry pipelines exist, include the NextToken value from the response to retrieve the next set of results.
Parameter Syntax
$result = $client->listTelemetryPipelines([
'MaxResults' => <integer>,
'NextToken' => '<string>',
]);
Parameter Details
Members
- MaxResults
-
- Type: int
The maximum number of telemetry pipelines to return in a single call.
- NextToken
-
- Type: string
The token for the next set of results. A previous call generates this token.
Result Syntax
[
'NextToken' => '<string>',
'PipelineSummaries' => [
[
'Arn' => '<string>',
'ConfigurationSummary' => [
'DataSources' => [
[
'Name' => '<string>',
'Type' => '<string>',
],
// ...
],
'ProcessorCount' => <integer>,
'Processors' => ['<string>', ...],
'Sinks' => ['<string>', ...],
'Sources' => [
[
'Type' => '<string>',
],
// ...
],
],
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'Name' => '<string>',
'Status' => 'CREATING|ACTIVE|UPDATING|DELETING|CREATE_FAILED|UPDATE_FAILED',
'Tags' => ['<string>', ...],
],
// ...
],
]
Result Details
Members
- NextToken
-
- Type: string
A token to resume pagination of results.
- PipelineSummaries
-
- Type: Array of TelemetryPipelineSummary structures
A list of telemetry pipeline summaries containing key information about each pipeline.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListTelemetryRules
$result = $client->listTelemetryRules([/* ... */]); $promise = $client->listTelemetryRulesAsync([/* ... */]);
Lists all telemetry rules in your account. You can filter the results by specifying a rule name prefix.
Parameter Syntax
$result = $client->listTelemetryRules([
'MaxResults' => <integer>,
'NextToken' => '<string>',
'RuleNamePrefix' => '<string>',
]);
Parameter Details
Members
- MaxResults
-
- Type: int
The maximum number of telemetry rules to return in a single call.
- NextToken
-
- Type: string
The token for the next set of results. A previous call generates this token.
- RuleNamePrefix
-
- Type: string
A string to filter telemetry rules whose names begin with the specified prefix.
Result Syntax
[
'NextToken' => '<string>',
'TelemetryRuleSummaries' => [
[
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'RuleArn' => '<string>',
'RuleName' => '<string>',
'TelemetrySourceTypes' => ['<string>', ...],
'TelemetryType' => 'Logs|Metrics|Traces',
],
// ...
],
]
Result Details
Members
- NextToken
-
- Type: string
A token to resume pagination of results.
- TelemetryRuleSummaries
-
- Type: Array of TelemetryRuleSummary structures
A list of telemetry rule summaries.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListTelemetryRulesForOrganization
$result = $client->listTelemetryRulesForOrganization([/* ... */]); $promise = $client->listTelemetryRulesForOrganizationAsync([/* ... */]);
Lists all telemetry rules in your organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->listTelemetryRulesForOrganization([
'MaxResults' => <integer>,
'NextToken' => '<string>',
'RuleNamePrefix' => '<string>',
'SourceAccountIds' => ['<string>', ...],
'SourceOrganizationUnitIds' => ['<string>', ...],
]);
Parameter Details
Members
- MaxResults
-
- Type: int
The maximum number of organization telemetry rules to return in a single call.
- NextToken
-
- Type: string
The token for the next set of results. A previous call generates this token.
- RuleNamePrefix
-
- Type: string
A string to filter organization telemetry rules whose names begin with the specified prefix.
- SourceAccountIds
-
- Type: Array of strings
The list of account IDs to filter organization telemetry rules by their source accounts.
- SourceOrganizationUnitIds
-
- Type: Array of strings
The list of organizational unit IDs to filter organization telemetry rules by their source organizational units.
Result Syntax
[
'NextToken' => '<string>',
'TelemetryRuleSummaries' => [
[
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'RuleArn' => '<string>',
'RuleName' => '<string>',
'TelemetrySourceTypes' => ['<string>', ...],
'TelemetryType' => 'Logs|Metrics|Traces',
],
// ...
],
]
Result Details
Members
- NextToken
-
- Type: string
A token to resume pagination of results.
- TelemetryRuleSummaries
-
- Type: Array of TelemetryRuleSummary structures
A list of organization telemetry rule summaries.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
StartTelemetryEnrichment
$result = $client->startTelemetryEnrichment([/* ... */]); $promise = $client->startTelemetryEnrichmentAsync([/* ... */]);
Enables the resource tags for telemetry feature for your account, which enhances telemetry data with additional resource metadata from Resource Explorer to provide richer context for monitoring and observability.
Parameter Syntax
$result = $client->startTelemetryEnrichment([ ]);
Parameter Details
Members
Result Syntax
[
'AwsResourceExplorerManagedViewArn' => '<string>',
'Status' => 'Running|Stopped|Impaired',
]
Result Details
Members
- AwsResourceExplorerManagedViewArn
-
- Type: string
The Amazon Resource Name (ARN) of the Resource Explorer managed view created for resource tags for telemetry.
- Status
-
- Type: string
The status of the resource tags for telemetry feature after the start operation (
Running,Stopped, orImpaired).
Errors
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- TooManyRequestsException:
The request throughput limit was exceeded.
StartTelemetryEvaluation
$result = $client->startTelemetryEvaluation([/* ... */]); $promise = $client->startTelemetryEvaluationAsync([/* ... */]);
This action begins onboarding the caller Amazon Web Services account to the telemetry config feature.
Parameter Syntax
$result = $client->startTelemetryEvaluation([ ]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
StartTelemetryEvaluationForOrganization
$result = $client->startTelemetryEvaluationForOrganization([/* ... */]); $promise = $client->startTelemetryEvaluationForOrganizationAsync([/* ... */]);
This actions begins onboarding the organization and all member accounts to the telemetry config feature.
Parameter Syntax
$result = $client->startTelemetryEvaluationForOrganization([ ]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
StopTelemetryEnrichment
$result = $client->stopTelemetryEnrichment([/* ... */]); $promise = $client->stopTelemetryEnrichmentAsync([/* ... */]);
Disables the resource tags for telemetry feature for your account, stopping the enhancement of telemetry data with additional resource metadata.
Parameter Syntax
$result = $client->stopTelemetryEnrichment([ ]);
Parameter Details
Members
Result Syntax
[
'Status' => 'Running|Stopped|Impaired',
]
Result Details
Members
- Status
-
- Type: string
The status of the resource tags for telemetry feature after the stop operation (
Running,Stopped, orImpaired).
Errors
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- TooManyRequestsException:
The request throughput limit was exceeded.
StopTelemetryEvaluation
$result = $client->stopTelemetryEvaluation([/* ... */]); $promise = $client->stopTelemetryEvaluationAsync([/* ... */]);
This action begins offboarding the caller Amazon Web Services account from the telemetry config feature.
Parameter Syntax
$result = $client->stopTelemetryEvaluation([ ]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
StopTelemetryEvaluationForOrganization
$result = $client->stopTelemetryEvaluationForOrganization([/* ... */]); $promise = $client->stopTelemetryEvaluationForOrganizationAsync([/* ... */]);
This action offboards the Organization of the caller Amazon Web Services account from the telemetry config feature.
Parameter Syntax
$result = $client->stopTelemetryEvaluationForOrganization([ ]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
TagResource
$result = $client->tagResource([/* ... */]); $promise = $client->tagResourceAsync([/* ... */]);
Adds or updates tags for a resource. Supports telemetry rule resources and telemetry pipeline resources.
Parameter Syntax
$result = $client->tagResource([
'ResourceARN' => '<string>', // REQUIRED
'Tags' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- ResourceARN
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule resource to tag.
- Tags
-
- Required: Yes
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to add or update for the telemetry rule resource.
Result Syntax
[]
Result Details
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
TestTelemetryPipeline
$result = $client->testTelemetryPipeline([/* ... */]); $promise = $client->testTelemetryPipelineAsync([/* ... */]);
Tests a pipeline configuration with sample records to validate data processing before deployment. This operation helps ensure your pipeline configuration works as expected.
Parameter Syntax
$result = $client->testTelemetryPipeline([
'Configuration' => [ // REQUIRED
'Body' => '<string>', // REQUIRED
],
'Records' => [ // REQUIRED
[
'Data' => '<string>',
'Type' => 'STRING|JSON',
],
// ...
],
]);
Parameter Details
Members
- Configuration
-
- Required: Yes
- Type: TelemetryPipelineConfiguration structure
The pipeline configuration to test with the provided sample records.
- Records
-
- Required: Yes
- Type: Array of Record structures
The sample records to process through the pipeline configuration for testing purposes.
Result Syntax
[
'Results' => [
[
'Error' => [
'Message' => '<string>',
],
'Record' => [
'Data' => '<string>',
'Type' => 'STRING|JSON',
],
],
// ...
],
]
Result Details
Members
- Results
-
- Type: Array of PipelineOutput structures
The results of processing the test records through the pipeline configuration, including any outputs or errors.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
UntagResource
$result = $client->untagResource([/* ... */]); $promise = $client->untagResourceAsync([/* ... */]);
Removes tags from a resource. Supports telemetry rule resources and telemetry pipeline resources.
Parameter Syntax
$result = $client->untagResource([
'ResourceARN' => '<string>', // REQUIRED
'TagKeys' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- ResourceARN
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule resource to remove tags from.
- TagKeys
-
- Required: Yes
- Type: Array of strings
The list of tag keys to remove from the telemetry rule resource.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
UpdateCentralizationRuleForOrganization
$result = $client->updateCentralizationRuleForOrganization([/* ... */]); $promise = $client->updateCentralizationRuleForOrganizationAsync([/* ... */]);
Updates an existing centralization rule that applies across an Amazon Web Services Organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->updateCentralizationRuleForOrganization([
'Rule' => [ // REQUIRED
'Destination' => [ // REQUIRED
'Account' => '<string>',
'DestinationLogsConfiguration' => [
'BackupConfiguration' => [
'KmsKeyArn' => '<string>',
'Region' => '<string>', // REQUIRED
],
'LogsEncryptionConfiguration' => [
'EncryptionConflictResolutionStrategy' => 'ALLOW|SKIP',
'EncryptionStrategy' => 'CUSTOMER_MANAGED|AWS_OWNED', // REQUIRED
'KmsKeyArn' => '<string>',
],
],
'Region' => '<string>', // REQUIRED
],
'Source' => [ // REQUIRED
'Regions' => ['<string>', ...], // REQUIRED
'Scope' => '<string>',
'SourceLogsConfiguration' => [
'EncryptedLogGroupStrategy' => 'ALLOW|SKIP', // REQUIRED
'LogGroupSelectionCriteria' => '<string>', // REQUIRED
],
],
],
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: CentralizationRule structure
The configuration details for the organization-wide centralization rule, including the source configuration and the destination configuration to centralize telemetry data across the organization.
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization centralization rule to update.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the updated organization centralization rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
UpdateTelemetryPipeline
$result = $client->updateTelemetryPipeline([/* ... */]); $promise = $client->updateTelemetryPipelineAsync([/* ... */]);
Updates the configuration of an existing telemetry pipeline.
The following attributes cannot be updated after pipeline creation:
-
Pipeline name - The pipeline name is immutable
-
Pipeline ARN - The ARN is automatically generated and cannot be changed
-
Source type - Once a pipeline is created with a specific source type (such as S3, CloudWatch Logs, GitHub, or third-party sources), it cannot be changed to a different source type
Processors can be added, removed, or modified. However, some processors are not supported for third-party pipelines and cannot be added through updates.
Source-Specific Update Rules
- CloudWatch Logs Sources (Vended and Custom)
-
Updatable:
sts_role_arnFixed:
data_source_name,data_source_type, sink (must remain@original) - S3 Sources (Crowdstrike, Zscaler, SentinelOne, Custom)
-
Updatable: All SQS configuration parameters,
sts_role_arn, codec settings, compression type, bucket ownership settings, sink log groupFixed:
notification_type,aws.region - GitHub Audit Logs
-
Updatable: All Amazon Web Services Secrets Manager attributes,
scope(can switch between ORGANIZATION/ENTERPRISE),organizationorenterprisename,range, authentication credentials (PAT or GitHub App) - Microsoft Sources (Entra ID, Office365, Windows)
-
Updatable: All Amazon Web Services Secrets Manager attributes,
tenant_id,workspace_id(Windows only), OAuth2 credentials (client_id,client_secret) - Okta Sources (SSO, Auth0)
-
Updatable: All Amazon Web Services Secrets Manager attributes,
domain,range(SSO only), OAuth2 credentials (client_id,client_secret) - Palo Alto Networks
-
Updatable: All Amazon Web Services Secrets Manager attributes,
hostname, basic authentication credentials (username,password) - ServiceNow CMDB
-
Updatable: All Amazon Web Services Secrets Manager attributes,
instance_url,range, OAuth2 credentials (client_id,client_secret) - Wiz CNAPP
-
Updatable: All Amazon Web Services Secrets Manager attributes,
region,range, OAuth2 credentials (client_id,client_secret)
Parameter Syntax
$result = $client->updateTelemetryPipeline([
'Configuration' => [ // REQUIRED
'Body' => '<string>', // REQUIRED
],
'PipelineIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- Configuration
-
- Required: Yes
- Type: TelemetryPipelineConfiguration structure
The new configuration for the telemetry pipeline, including updated sources, processors, and destinations.
- PipelineIdentifier
-
- Required: Yes
- Type: string
The ARN of the telemetry pipeline to update.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
UpdateTelemetryRule
$result = $client->updateTelemetryRule([/* ... */]); $promise = $client->updateTelemetryRuleAsync([/* ... */]);
Updates an existing telemetry rule in your account. If multiple users attempt to modify the same telemetry rule simultaneously, a ConflictException is returned to provide specific error information for concurrent modification scenarios.
Parameter Syntax
$result = $client->updateTelemetryRule([
'Rule' => [ // REQUIRED
'DestinationConfiguration' => [
'CloudtrailParameters' => [
'AdvancedEventSelectors' => [ // REQUIRED
[
'FieldSelectors' => [ // REQUIRED
[
'EndsWith' => ['<string>', ...],
'Equals' => ['<string>', ...],
'Field' => '<string>', // REQUIRED
'NotEndsWith' => ['<string>', ...],
'NotEquals' => ['<string>', ...],
'NotStartsWith' => ['<string>', ...],
'StartsWith' => ['<string>', ...],
],
// ...
],
'Name' => '<string>',
],
// ...
],
],
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'ELBLoadBalancerLoggingParameters' => [
'FieldDelimiter' => '<string>',
'OutputFormat' => 'plain|json',
],
'LogDeliveryParameters' => [
'LogTypes' => ['<string>', ...],
],
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
'WAFLoggingParameters' => [
'LogType' => 'WAF_LOGS',
'LoggingFilter' => [
'DefaultBehavior' => 'KEEP|DROP',
'Filters' => [
[
'Behavior' => 'KEEP|DROP',
'Conditions' => [
[
'ActionCondition' => [
'Action' => 'ALLOW|BLOCK|COUNT|CAPTCHA|CHALLENGE|EXCLUDED_AS_COUNT',
],
'LabelNameCondition' => [
'LabelName' => '<string>',
],
],
// ...
],
'Requirement' => 'MEETS_ALL|MEETS_ANY',
],
// ...
],
],
'RedactedFields' => [
[
'Method' => '<string>',
'QueryString' => '<string>',
'SingleHeader' => [
'Name' => '<string>',
],
'UriPath' => '<string>',
],
// ...
],
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetrySourceTypes' => ['<string>', ...],
'TelemetryType' => 'Logs|Metrics|Traces', // REQUIRED
],
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: TelemetryRule structure
The new configuration details for the telemetry rule.
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the telemetry rule to update.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the updated telemetry rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
UpdateTelemetryRuleForOrganization
$result = $client->updateTelemetryRuleForOrganization([/* ... */]); $promise = $client->updateTelemetryRuleForOrganizationAsync([/* ... */]);
Updates an existing telemetry rule that applies across an Amazon Web Services Organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->updateTelemetryRuleForOrganization([
'Rule' => [ // REQUIRED
'DestinationConfiguration' => [
'CloudtrailParameters' => [
'AdvancedEventSelectors' => [ // REQUIRED
[
'FieldSelectors' => [ // REQUIRED
[
'EndsWith' => ['<string>', ...],
'Equals' => ['<string>', ...],
'Field' => '<string>', // REQUIRED
'NotEndsWith' => ['<string>', ...],
'NotEquals' => ['<string>', ...],
'NotStartsWith' => ['<string>', ...],
'StartsWith' => ['<string>', ...],
],
// ...
],
'Name' => '<string>',
],
// ...
],
],
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'ELBLoadBalancerLoggingParameters' => [
'FieldDelimiter' => '<string>',
'OutputFormat' => 'plain|json',
],
'LogDeliveryParameters' => [
'LogTypes' => ['<string>', ...],
],
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
'WAFLoggingParameters' => [
'LogType' => 'WAF_LOGS',
'LoggingFilter' => [
'DefaultBehavior' => 'KEEP|DROP',
'Filters' => [
[
'Behavior' => 'KEEP|DROP',
'Conditions' => [
[
'ActionCondition' => [
'Action' => 'ALLOW|BLOCK|COUNT|CAPTCHA|CHALLENGE|EXCLUDED_AS_COUNT',
],
'LabelNameCondition' => [
'LabelName' => '<string>',
],
],
// ...
],
'Requirement' => 'MEETS_ALL|MEETS_ANY',
],
// ...
],
],
'RedactedFields' => [
[
'Method' => '<string>',
'QueryString' => '<string>',
'SingleHeader' => [
'Name' => '<string>',
],
'UriPath' => '<string>',
],
// ...
],
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function|AWS::CloudTrail|AWS::EKS::Cluster|AWS::WAFv2::WebACL|AWS::ElasticLoadBalancingV2::LoadBalancer|AWS::Route53Resolver::ResolverEndpoint|AWS::BedrockAgentCore::Runtime|AWS::BedrockAgentCore::Browser|AWS::BedrockAgentCore::CodeInterpreter',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetrySourceTypes' => ['<string>', ...],
'TelemetryType' => 'Logs|Metrics|Traces', // REQUIRED
],
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: TelemetryRule structure
The new configuration details for the organization telemetry rule, including resource type, telemetry type, and destination configuration.
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization telemetry rule to update.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the updated organization telemetry rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ValidateTelemetryPipelineConfiguration
$result = $client->validateTelemetryPipelineConfiguration([/* ... */]); $promise = $client->validateTelemetryPipelineConfigurationAsync([/* ... */]);
Validates a pipeline configuration without creating the pipeline. This operation checks the configuration for syntax errors and compatibility issues.
Parameter Syntax
$result = $client->validateTelemetryPipelineConfiguration([
'Configuration' => [ // REQUIRED
'Body' => '<string>', // REQUIRED
],
]);
Parameter Details
Members
- Configuration
-
- Required: Yes
- Type: TelemetryPipelineConfiguration structure
The pipeline configuration to validate for syntax and compatibility.
Result Syntax
[
'Errors' => [
[
'FieldMap' => ['<string>', ...],
'Message' => '<string>',
'Reason' => '<string>',
],
// ...
],
]
Result Details
Members
- Errors
-
- Type: Array of ValidationError structures
A list of validation errors found in the pipeline configuration, if any.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
Shapes
AccessDeniedException
Description
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
Members
- Message
-
- Type: string
- amznErrorType
-
- Type: string
The name of the exception.
ActionCondition
Description
Condition that matches based on the specific WAF action taken on the request.
Members
- Action
-
- Type: string
The WAF action to match against (ALLOW, BLOCK, COUNT, CAPTCHA, CHALLENGE, EXCLUDED_AS_COUNT).
AdvancedEventSelector
Description
Advanced event selectors let you create fine-grained selectors for management, data, and network activity events.
Members
- FieldSelectors
-
- Required: Yes
- Type: Array of AdvancedFieldSelector structures
Contains all selector statements in an advanced event selector.
- Name
-
- Type: string
An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
AdvancedFieldSelector
Description
Defines criteria for selecting resources based on field values.
Members
- EndsWith
-
- Type: Array of strings
Matches if the field value ends with the specified value.
- Equals
-
- Type: Array of strings
Matches if the field value equals the specified value.
- Field
-
- Required: Yes
- Type: string
The name of the field to use for selection.
- NotEndsWith
-
- Type: Array of strings
Matches if the field value does not end with the specified value.
- NotEquals
-
- Type: Array of strings
Matches if the field value does not equal the specified value.
- NotStartsWith
-
- Type: Array of strings
Matches if the field value does not start with the specified value.
- StartsWith
-
- Type: Array of strings
Matches if the field value starts with the specified value.
CentralizationRule
Description
Defines how telemetry data should be centralized across an Amazon Web Services Organization, including source and destination configurations.
Members
- Destination
-
- Required: Yes
- Type: CentralizationRuleDestination structure
Configuration determining where the telemetry data should be centralized, backed up, as well as encryption configuration for the primary and backup destinations.
- Source
-
- Required: Yes
- Type: CentralizationRuleSource structure
Configuration determining the source of the telemetry data to be centralized.
CentralizationRuleDestination
Description
Configuration specifying the primary destination for centralized telemetry data.
Members
- Account
-
- Type: string
The destination account (within the organization) to which the telemetry data should be centralized.
- DestinationLogsConfiguration
-
- Type: DestinationLogsConfiguration structure
Log specific configuration for centralization destination log groups.
- Region
-
- Required: Yes
- Type: string
The primary destination region to which telemetry data should be centralized.
CentralizationRuleSource
Description
Configuration specifying the source of telemetry data to be centralized.
Members
- Regions
-
- Required: Yes
- Type: Array of strings
The list of source regions from which telemetry data should be centralized.
- Scope
-
- Type: string
The organizational scope from which telemetry data should be centralized, specified using organization id, accounts or organizational unit ids.
- SourceLogsConfiguration
-
- Type: SourceLogsConfiguration structure
Log specific configuration for centralization source log groups.
CentralizationRuleSummary
Description
A summary of a centralization rule's key properties and status.
Members
- CreatedRegion
-
- Type: string
The Amazon Web Services region where the organization centralization rule was created.
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the organization centralization rule was created.
- CreatorAccountId
-
- Type: string
The Amazon Web Services Account that created the organization centralization rule.
- DestinationAccountId
-
- Type: string
The primary destination account of the organization centralization rule.
- DestinationRegion
-
- Type: string
The primary destination region of the organization centralization rule.
- FailureReason
-
- Type: string
The reason why an organization centralization rule is marked UNHEALTHY.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the organization centralization rule was last updated.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the organization centralization rule.
- RuleHealth
-
- Type: string
The health status of the organization centralization rule.
- RuleName
-
- Type: string
The name of the organization centralization rule.
CloudtrailParameters
Description
Parameters specific to Amazon Web Services CloudTrail telemetry configuration.
Members
- AdvancedEventSelectors
-
- Required: Yes
- Type: Array of AdvancedEventSelector structures
The advanced event selectors to use for filtering Amazon Web Services CloudTrail events.
Condition
Description
A single condition that can match based on WAF rule action or label name.
Members
- ActionCondition
-
- Type: ActionCondition structure
Matches log records based on the WAF rule action taken (ALLOW, BLOCK, COUNT, etc.).
- LabelNameCondition
-
- Type: LabelNameCondition structure
Matches log records based on WAF rule labels applied to the request.
ConfigurationSummary
Description
Provides a summary of pipeline configuration components including sources, processors, and destinations.
Members
- DataSources
-
- Type: Array of DataSource structures
The list of data sources that provide telemetry data to the pipeline.
- ProcessorCount
-
- Type: int
The total number of processors configured in the pipeline.
- Processors
-
- Type: Array of strings
The list of processors configured in the pipeline for data transformation.
- Sinks
-
- Type: Array of strings
The list of destinations where processed data is sent.
- Sources
-
- Type: Array of Source structures
The list of data sources configured in the pipeline.
ConflictException
Description
The requested operation conflicts with the current state of the specified resource or with another request.
Members
- Message
-
- Type: string
- ResourceId
-
- Type: string
The identifier of the resource which is in conflict with the requested operation.
- ResourceType
-
- Type: string
The type of the resource which is in conflict with the requested operation.
DataSource
Description
Information about a data source associated with the telemetry pipeline. For CloudWatch Logs sources, this includes both a name and type extracted from the log event metadata. For third-party sources (such as S3), this includes only a name, with the type field left empty.
Members
- Name
-
- Type: string
The name of the data source. For CloudWatch Logs sources, this corresponds to the
data_source_namefrom the log event metadata. For third-party sources, this is either the configureddata_source_nameor defaults to the plugin name if not specified. - Type
-
- Type: string
The type of the data source. For CloudWatch Logs sources, this corresponds to the
data_source_typefrom the log event metadata. For third-party sources, this field is empty.
DestinationLogsConfiguration
Description
Configuration for centralization destination log groups, including encryption and backup settings.
Members
- BackupConfiguration
-
- Type: LogsBackupConfiguration structure
Configuration defining the backup region and an optional KMS key for the backup destination.
- LogsEncryptionConfiguration
-
- Type: LogsEncryptionConfiguration structure
The encryption configuration for centralization destination log groups.
ELBLoadBalancerLoggingParameters
Description
Configuration parameters for ELB load balancer logging, including output format and field delimiter settings.
Members
- FieldDelimiter
-
- Type: string
The delimiter character used to separate fields in ELB access log entries when using plain text format.
- OutputFormat
-
- Type: string
The format for ELB access log entries (plain text or JSON format).
Encryption
Description
Defines the encryption configuration for S3 Table integrations, including the encryption algorithm and KMS key settings.
Members
- KmsKeyArn
-
- Type: string
The Amazon Resource Name (ARN) of the KMS key used for encryption when using customer-managed keys.
- SseAlgorithm
-
- Required: Yes
- Type: string
The server-side encryption algorithm used for encrypting data in the S3 Table integration.
FieldToMatch
Description
Specifies a field in the request to redact from WAF logs, such as headers, query parameters, or body content.
Members
- Method
-
- Type: string
Redacts the HTTP method from WAF logs.
- QueryString
-
- Type: string
Redacts the entire query string from WAF logs.
- SingleHeader
-
- Type: SingleHeader structure
Redacts a specific header field by name from WAF logs.
- UriPath
-
- Type: string
Redacts the URI path from WAF logs.
Filter
Description
A single filter condition that specifies behavior, requirement, and matching conditions for WAF log records.
Members
- Behavior
-
- Type: string
The action to take for log records matching this filter (KEEP or DROP).
- Conditions
-
- Type: Array of Condition structures
The list of conditions that determine if a log record matches this filter.
- Requirement
-
- Type: string
Whether the log record must meet all conditions (MEETS_ALL) or any condition (MEETS_ANY) to match this filter.
IntegrationSummary
Description
Contains summary information about an S3 Table integration for listing operations.
Members
- Arn
-
- Type: string
The Amazon Resource Name (ARN) of the S3 Table integration.
- Status
-
- Type: string
The current status of the S3 Table integration.
InternalServerException
Description
Indicates the request has failed to process because of an unknown server error, exception, or failure.
Members
- Message
-
- Type: string
- amznErrorType
-
- Type: string
The name of the exception.
- retryAfterSeconds
-
- Type: int
The number of seconds to wait before retrying the request.
InvalidStateException
Description
The requested operation cannot be completed on the specified resource in the current state.
Members
- Message
-
- Type: string
LabelNameCondition
Description
Condition that matches based on WAF rule labels, with label names limited to 1024 characters.
Members
- LabelName
-
- Type: string
The label name to match, supporting alphanumeric characters, underscores, hyphens, and colons.
LogDeliveryParameters
Description
Configuration parameters for Amazon Bedrock AgentCore logging, including logType settings.
Members
- LogTypes
-
- Type: Array of strings
The type of log that the source is sending.
LoggingFilter
Description
Configuration that determines which WAF log records to keep or drop based on specified conditions.
Members
- DefaultBehavior
-
- Type: string
The default action (KEEP or DROP) for log records that don't match any filter conditions.
- Filters
-
- Type: Array of Filter structures
A list of filter conditions that determine log record handling behavior.
LogsBackupConfiguration
Description
Configuration for backing up centralized log data to a secondary region.
Members
- KmsKeyArn
-
- Type: string
KMS Key ARN belonging to the primary destination account and backup region, to encrypt newly created central log groups in the backup destination.
- Region
-
- Required: Yes
- Type: string
Logs specific backup destination region within the primary destination account to which log data should be centralized.
LogsEncryptionConfiguration
Description
Configuration for encrypting centralized log groups. This configuration is only applied to destination log groups for which the corresponding source log groups are encrypted using Customer Managed KMS Keys.
Members
- EncryptionConflictResolutionStrategy
-
- Type: string
Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key. ALLOW lets centralization go through while SKIP prevents centralization into the destination log group.
- EncryptionStrategy
-
- Required: Yes
- Type: string
Configuration that determines the encryption strategy of the destination log groups. CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups.
- KmsKeyArn
-
- Type: string
KMS Key ARN belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination.
PipelineOutput
Description
Contains the output from pipeline test operations, including processed records and any errors encountered.
Members
- Error
-
- Type: PipelineOutputError structure
Any error that occurred during the pipeline test operation for this record.
- Record
-
- Type: Record structure
The processed record output from the pipeline test operation.
PipelineOutputError
Description
Contains detailed error information from pipeline test operations, providing structured error responses for better debugging and troubleshooting capabilities.
Members
- Message
-
- Type: string
The detailed error message describing what went wrong during the pipeline test operation for this record.
Record
Description
Represents a test record structure used for pipeline testing operations to validate data processing.
Members
- Data
-
- Type: string
The data content of the test record used for pipeline validation.
- Type
-
- Type: string
The type of the test record, indicating the format or category of the data.
ResourceNotFoundException
Description
The specified resource (such as a telemetry rule) could not be found.
Members
- Message
-
- Type: string
- ResourceId
-
- Type: string
The identifier of the resource which could not be found.
- ResourceType
-
- Type: string
The type of the resource which could not be found.
ServiceQuotaExceededException
Description
The requested operation would exceed the allowed quota for the specified resource type.
Members
- Message
-
- Type: string
- QuotaCode
-
- Type: string
The code for the exceeded service quota.
- ResourceId
-
- Type: string
The identifier of the resource which exceeds the service quota.
- ResourceType
-
- Type: string
The type of the resource which exceeds the service quota.
- ServiceCode
-
- Type: string
The code for the service of the exceeded quota.
- amznErrorType
-
- Type: string
The name of the exception.
SingleHeader
Description
Structure containing a name field limited to 64 characters for header or query parameter identification.
Members
- Name
-
- Type: string
The name value, limited to 64 characters.
Source
Description
A list of source plugin types used in the pipeline configuration (such as cloudwatch_logs or s3). Currently supports a single source per pipeline, but is structured as a list to accommodate multiple pipelines in the configuration.
Members
- Type
-
- Type: string
The plugin name of the source, such as
cloudwatch_logsors3.
SourceLogsConfiguration
Description
Configuration for selecting and handling source log groups for centralization.
Members
- EncryptedLogGroupStrategy
-
- Required: Yes
- Type: string
A strategy determining whether to centralize source log groups that are encrypted with customer managed KMS keys (CMK). ALLOW will consider CMK encrypted source log groups for centralization while SKIP will skip CMK encrypted source log groups from centralization.
- LogGroupSelectionCriteria
-
- Required: Yes
- Type: string
The selection criteria that specifies which source log groups to centralize. The selection criteria uses the same format as OAM link filters.
TelemetryConfiguration
Description
A model representing the state of a resource within an account according to telemetry config.
Members
- AccountIdentifier
-
- Type: string
The account ID which contains the resource managed in telemetry configuration. An example of a valid account ID is
012345678901. - LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp of the last change to the telemetry configuration for the resource. For example,
1728679196318. - ResourceIdentifier
-
- Type: string
The identifier of the resource, for example for Amazon VPC, it would be
vpc-1a2b3c4d5e6f1a2b3. - ResourceTags
-
- Type: Associative array of custom strings keys (String) to strings
Tags associated with the resource, for example
{ Name: "ExampleInstance", Environment: "Development" }. - ResourceType
-
- Type: string
The type of resource, for example
Amazon Web Services::EC2::Instance, orAmazon Web Services::EKS::Cluster, etc. - TelemetryConfigurationState
-
- Type: Associative array of custom strings keys (TelemetryType) to strings
The configuration state for the resource, for example
{ Logs: NotApplicable; Metrics: Enabled; Traces: NotApplicable; }.
TelemetryDestinationConfiguration
Description
Configuration specifying where and how telemetry data should be delivered for Amazon Web Services resources.
Members
- CloudtrailParameters
-
- Type: CloudtrailParameters structure
Configuration parameters specific to Amazon Web Services CloudTrail when CloudTrail is the source type.
- DestinationPattern
-
- Type: string
The pattern used to generate the destination path or name, supporting macros like <resourceId> and <accountId>.
- DestinationType
-
- Type: string
The type of destination for the telemetry data (e.g., "Amazon CloudWatch Logs", "S3").
- ELBLoadBalancerLoggingParameters
-
- Type: ELBLoadBalancerLoggingParameters structure
Configuration parameters specific to ELB load balancer logging when ELB is the resource type.
- LogDeliveryParameters
-
- Type: LogDeliveryParameters structure
Configuration parameters specific to Amazon Bedrock AgentCore logging when Amazon Bedrock AgentCore is the resource type.
- RetentionInDays
-
- Type: int
The number of days to retain the telemetry data in the destination.
- VPCFlowLogParameters
-
- Type: VPCFlowLogParameters structure
Configuration parameters specific to VPC Flow Logs when VPC is the resource type.
- WAFLoggingParameters
-
- Type: WAFLoggingParameters structure
Configuration parameters specific to WAF logging when WAF is the resource type.
TelemetryPipeline
Description
Represents a complete telemetry pipeline resource with configuration, status, and metadata for data processing and transformation.
Members
- Arn
-
- Type: string
The Amazon Resource Name (ARN) of the telemetry pipeline.
- Configuration
-
- Type: TelemetryPipelineConfiguration structure
The configuration that defines how the telemetry pipeline processes data.
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry pipeline was created.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry pipeline was last updated.
- Name
-
- Type: string
The name of the telemetry pipeline.
- Status
-
- Type: string
The current status of the telemetry pipeline.
- StatusReason
-
- Type: TelemetryPipelineStatusReason structure
Additional information about the pipeline status, including reasons for failure states.
- Tags
-
- Type: Associative array of custom strings keys (String) to strings
The key-value pairs associated with the telemetry pipeline resource.
TelemetryPipelineConfiguration
Description
Defines the configuration for a telemetry pipeline, including how data flows from sources through processors to destinations.
Members
- Body
-
- Required: Yes
- Type: string
The pipeline configuration body that defines the data processing rules and transformations.
TelemetryPipelineStatusReason
Description
Provides detailed information about the status of a telemetry pipeline, including reasons for specific states.
Members
- Description
-
- Type: string
A description of the pipeline status reason, providing additional context about the current state.
TelemetryPipelineSummary
Description
Contains summary information about a telemetry pipeline for listing operations.
Members
- Arn
-
- Type: string
The Amazon Resource Name (ARN) of the telemetry pipeline.
- ConfigurationSummary
-
- Type: ConfigurationSummary structure
A summary of the pipeline configuration components.
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry pipeline was created.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry pipeline was last updated.
- Name
-
- Type: string
The name of the telemetry pipeline.
- Status
-
- Type: string
The current status of the telemetry pipeline.
- Tags
-
- Type: Associative array of custom strings keys (String) to strings
The key-value pairs associated with the telemetry pipeline resource.
TelemetryRule
Description
Defines how telemetry should be configured for specific Amazon Web Services resources.
Members
- DestinationConfiguration
-
- Type: TelemetryDestinationConfiguration structure
Configuration specifying where and how the telemetry data should be delivered.
- ResourceType
-
- Type: string
The type of Amazon Web Services resource to configure telemetry for (e.g., "AWS::EC2::VPC", "AWS::EKS::Cluster", "AWS::WAFv2::WebACL").
- Scope
-
- Type: string
The organizational scope to which the rule applies, specified using accounts or organizational units.
- SelectionCriteria
-
- Type: string
Criteria for selecting which resources the rule applies to, such as resource tags.
- TelemetrySourceTypes
-
- Type: Array of strings
The specific telemetry source types to configure for the resource, such as VPC_FLOW_LOGS or EKS_AUDIT_LOGS. TelemetrySourceTypes must be correlated with the specific resource type.
- TelemetryType
-
- Required: Yes
- Type: string
The type of telemetry to collect (Logs, Metrics, or Traces).
TelemetryRuleSummary
Description
A summary of a telemetry rule's key properties.
Members
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry rule was created.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry rule was last modified.
- ResourceType
-
- Type: string
The type of Amazon Web Services resource the rule applies to.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule.
- RuleName
-
- Type: string
The name of the telemetry rule.
- TelemetrySourceTypes
-
- Type: Array of strings
The types of telemetry sources configured for this rule, such as VPC Flow Logs or EKS audit logs. TelemetrySourceTypes must be correlated with the specific resource type.
- TelemetryType
-
- Type: string
The type of telemetry (Logs, Metrics, or Traces) the rule configures.
TooManyRequestsException
Description
The request throughput limit was exceeded.
Members
- Message
-
- Type: string
VPCFlowLogParameters
Description
Configuration parameters specific to VPC Flow Logs.
Members
- LogFormat
-
- Type: string
The format in which VPC Flow Log entries should be logged.
- MaxAggregationInterval
-
- Type: int
The maximum interval in seconds between the capture of flow log records.
- TrafficType
-
- Type: string
The type of traffic to log (ACCEPT, REJECT, or ALL).
ValidationError
Description
Represents a detailed validation error with message, reason, and field mapping for comprehensive error reporting.
Members
- FieldMap
-
- Type: Associative array of custom strings keys (String) to strings
A mapping of field names to specific validation issues within the configuration.
- Message
-
- Type: string
The error message describing the validation issue.
- Reason
-
- Type: string
The reason code or category for the validation error.
ValidationException
Description
Indicates input validation failed. Check your request parameters and retry the request.
Members
- Errors
-
- Type: Array of ValidationError structures
The errors in the input which caused the exception.
- Message
-
- Type: string
WAFLoggingParameters
Description
Configuration parameters for WAF logging, including redacted fields and logging filters.
Members
- LogType
-
- Type: string
The type of WAF logs to collect (currently supports WAF_LOGS).
- LoggingFilter
-
- Type: LoggingFilter structure
A filter configuration that determines which WAF log records to include or exclude.
- RedactedFields
-
- Type: Array of FieldToMatch structures
The fields to redact from WAF logs to protect sensitive information.