SDK for PHP 3.x
CloudWatch Observability Admin Service 2018-05-10
- Client: Aws\ObservabilityAdmin\ObservabilityAdminClient
- Service ID: observabilityadmin
- Version: 2018-05-10
This page describes the parameters and results for the operations of the CloudWatch Observability Admin Service (2018-05-10), and shows how to use the Aws\ObservabilityAdmin\ObservabilityAdminClient object to call the described operations. This documentation is specific to the 2018-05-10 API version of the service.
Operation Summary
Each of the following operations can be created from a client using
$client->getCommand('CommandName'), where "CommandName" is the
name of one of the following operations. Note: a command is a value that
encapsulates an operation and the parameters used to create an HTTP request.
You can also create and send a command immediately using the magic methods
available on a client object: $client->commandName(/* parameters */).
You can send the command asynchronously (returning a promise) by appending the
word "Async" to the operation name: $client->commandNameAsync(/* parameters */).
- CreateCentralizationRuleForOrganization ( array $params = [] )
- Creates a centralization rule that applies across an Amazon Web Services Organization.
- CreateTelemetryRule ( array $params = [] )
- Creates a telemetry rule that defines how telemetry should be configured for Amazon Web Services resources in your account.
- CreateTelemetryRuleForOrganization ( array $params = [] )
- Creates a telemetry rule that applies across an Amazon Web Services Organization.
- DeleteCentralizationRuleForOrganization ( array $params = [] )
- Deletes an organization-wide centralization rule.
- DeleteTelemetryRule ( array $params = [] )
- Deletes a telemetry rule from your account.
- DeleteTelemetryRuleForOrganization ( array $params = [] )
- Deletes an organization-wide telemetry rule.
- GetCentralizationRuleForOrganization ( array $params = [] )
- Retrieves the details of a specific organization centralization rule.
- GetTelemetryEvaluationStatus ( array $params = [] )
- Returns the current onboarding status of the telemetry config feature, including the status of the feature and reason the feature failed to start or stop.
- GetTelemetryEvaluationStatusForOrganization ( array $params = [] )
- This returns the onboarding status of the telemetry configuration feature for the organization.
- GetTelemetryRule ( array $params = [] )
- Retrieves the details of a specific telemetry rule in your account.
- GetTelemetryRuleForOrganization ( array $params = [] )
- Retrieves the details of a specific organization telemetry rule.
- ListCentralizationRulesForOrganization ( array $params = [] )
- Lists all centralization rules in your organization.
- ListResourceTelemetry ( array $params = [] )
- Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config.
- ListResourceTelemetryForOrganization ( array $params = [] )
- Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config in the organization.
- ListTagsForResource ( array $params = [] )
- Lists all tags attached to the specified telemetry rule resource.
- ListTelemetryRules ( array $params = [] )
- Lists all telemetry rules in your account.
- ListTelemetryRulesForOrganization ( array $params = [] )
- Lists all telemetry rules in your organization.
- StartTelemetryEvaluation ( array $params = [] )
- This action begins onboarding the caller Amazon Web Services account to the telemetry config feature.
- StartTelemetryEvaluationForOrganization ( array $params = [] )
- This actions begins onboarding the organization and all member accounts to the telemetry config feature.
- StopTelemetryEvaluation ( array $params = [] )
- This action begins offboarding the caller Amazon Web Services account from the telemetry config feature.
- StopTelemetryEvaluationForOrganization ( array $params = [] )
- This action offboards the Organization of the caller Amazon Web Services account from the telemetry config feature.
- TagResource ( array $params = [] )
- Adds or updates tags for a telemetry rule resource.
- UntagResource ( array $params = [] )
- Removes tags from a telemetry rule resource.
- UpdateCentralizationRuleForOrganization ( array $params = [] )
- Updates an existing centralization rule that applies across an Amazon Web Services Organization.
- UpdateTelemetryRule ( array $params = [] )
- Updates an existing telemetry rule in your account.
- UpdateTelemetryRuleForOrganization ( array $params = [] )
- Updates an existing telemetry rule that applies across an Amazon Web Services Organization.
Paginators
Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:
- ListCentralizationRulesForOrganization
- ListResourceTelemetry
- ListResourceTelemetryForOrganization
- ListTelemetryRules
- ListTelemetryRulesForOrganization
Operations
CreateCentralizationRuleForOrganization
$result = $client->createCentralizationRuleForOrganization([/* ... */]); $promise = $client->createCentralizationRuleForOrganizationAsync([/* ... */]);
Creates a centralization rule that applies across an Amazon Web Services Organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->createCentralizationRuleForOrganization([
'Rule' => [ // REQUIRED
'Destination' => [ // REQUIRED
'Account' => '<string>',
'DestinationLogsConfiguration' => [
'BackupConfiguration' => [
'KmsKeyArn' => '<string>',
'Region' => '<string>', // REQUIRED
],
'LogsEncryptionConfiguration' => [
'EncryptionConflictResolutionStrategy' => 'ALLOW|SKIP',
'EncryptionStrategy' => 'CUSTOMER_MANAGED|AWS_OWNED', // REQUIRED
'KmsKeyArn' => '<string>',
],
],
'Region' => '<string>', // REQUIRED
],
'Source' => [ // REQUIRED
'Regions' => ['<string>', ...], // REQUIRED
'Scope' => '<string>',
'SourceLogsConfiguration' => [
'EncryptedLogGroupStrategy' => 'ALLOW|SKIP', // REQUIRED
'LogGroupSelectionCriteria' => '<string>', // REQUIRED
],
],
],
'RuleName' => '<string>', // REQUIRED
'Tags' => ['<string>', ...],
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: CentralizationRule structure
The configuration details for the organization-wide centralization rule, including the source configuration and the destination configuration to centralize telemetry data across the organization.
- RuleName
-
- Required: Yes
- Type: string
A unique name for the organization-wide centralization rule being created.
- Tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to associate with the organization telemetry rule resource for categorization and management purposes.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the created organization centralization rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
CreateTelemetryRule
$result = $client->createTelemetryRule([/* ... */]); $promise = $client->createTelemetryRuleAsync([/* ... */]);
Creates a telemetry rule that defines how telemetry should be configured for Amazon Web Services resources in your account. The rule specifies which resources should have telemetry enabled and how that telemetry data should be collected based on resource type, telemetry type, and selection criteria.
Parameter Syntax
$result = $client->createTelemetryRule([
'Rule' => [ // REQUIRED
'DestinationConfiguration' => [
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetryType' => 'Logs|Metrics|Traces', // REQUIRED
],
'RuleName' => '<string>', // REQUIRED
'Tags' => ['<string>', ...],
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: TelemetryRule structure
The configuration details for the telemetry rule, including the resource type, telemetry type, destination configuration, and selection criteria for which resources the rule applies to.
- RuleName
-
- Required: Yes
- Type: string
A unique name for the telemetry rule being created.
- Tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to associate with the telemetry rule resource for categorization and management purposes.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the created telemetry rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
CreateTelemetryRuleForOrganization
$result = $client->createTelemetryRuleForOrganization([/* ... */]); $promise = $client->createTelemetryRuleForOrganizationAsync([/* ... */]);
Creates a telemetry rule that applies across an Amazon Web Services Organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->createTelemetryRuleForOrganization([
'Rule' => [ // REQUIRED
'DestinationConfiguration' => [
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetryType' => 'Logs|Metrics|Traces', // REQUIRED
],
'RuleName' => '<string>', // REQUIRED
'Tags' => ['<string>', ...],
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: TelemetryRule structure
The configuration details for the organization-wide telemetry rule, including the resource type, telemetry type, destination configuration, and selection criteria for which resources the rule applies to across the organization.
- RuleName
-
- Required: Yes
- Type: string
A unique name for the organization-wide telemetry rule being created.
- Tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to associate with the organization telemetry rule resource for categorization and management purposes.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the created organization telemetry rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ConflictException:
The requested operation conflicts with the current state of the specified resource or with another request.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
DeleteCentralizationRuleForOrganization
$result = $client->deleteCentralizationRuleForOrganization([/* ... */]); $promise = $client->deleteCentralizationRuleForOrganizationAsync([/* ... */]);
Deletes an organization-wide centralization rule. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->deleteCentralizationRuleForOrganization([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization centralization rule to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
DeleteTelemetryRule
$result = $client->deleteTelemetryRule([/* ... */]); $promise = $client->deleteTelemetryRuleAsync([/* ... */]);
Deletes a telemetry rule from your account. Any telemetry configurations previously created by the rule will remain but no new resources will be configured by this rule.
Parameter Syntax
$result = $client->deleteTelemetryRule([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the telemetry rule to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
DeleteTelemetryRuleForOrganization
$result = $client->deleteTelemetryRuleForOrganization([/* ... */]); $promise = $client->deleteTelemetryRuleForOrganizationAsync([/* ... */]);
Deletes an organization-wide telemetry rule. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->deleteTelemetryRuleForOrganization([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization telemetry rule to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetCentralizationRuleForOrganization
$result = $client->getCentralizationRuleForOrganization([/* ... */]); $promise = $client->getCentralizationRuleForOrganizationAsync([/* ... */]);
Retrieves the details of a specific organization centralization rule. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->getCentralizationRuleForOrganization([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization centralization rule to retrieve.
Result Syntax
[
'CentralizationRule' => [
'Destination' => [
'Account' => '<string>',
'DestinationLogsConfiguration' => [
'BackupConfiguration' => [
'KmsKeyArn' => '<string>',
'Region' => '<string>',
],
'LogsEncryptionConfiguration' => [
'EncryptionConflictResolutionStrategy' => 'ALLOW|SKIP',
'EncryptionStrategy' => 'CUSTOMER_MANAGED|AWS_OWNED',
'KmsKeyArn' => '<string>',
],
],
'Region' => '<string>',
],
'Source' => [
'Regions' => ['<string>', ...],
'Scope' => '<string>',
'SourceLogsConfiguration' => [
'EncryptedLogGroupStrategy' => 'ALLOW|SKIP',
'LogGroupSelectionCriteria' => '<string>',
],
],
],
'CreatedRegion' => '<string>',
'CreatedTimeStamp' => <integer>,
'CreatorAccountId' => '<string>',
'FailureReason' => 'TRUSTED_ACCESS_NOT_ENABLED|DESTINATION_ACCOUNT_NOT_IN_ORGANIZATION|INTERNAL_SERVER_ERROR',
'LastUpdateTimeStamp' => <integer>,
'RuleArn' => '<string>',
'RuleHealth' => 'Healthy|Unhealthy|Provisioning',
'RuleName' => '<string>',
]
Result Details
Members
- CentralizationRule
-
- Type: CentralizationRule structure
The configuration details for the organization centralization rule.
- CreatedRegion
-
- Type: string
The Amazon Web Services region where the organization centralization rule was created.
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the organization centralization rule was created.
- CreatorAccountId
-
- Type: string
The Amazon Web Services Account that created the organization centralization rule.
- FailureReason
-
- Type: string
The reason why an organization centralization rule is marked UNHEALTHY.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the organization centralization rule was last updated.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the organization centralization rule.
- RuleHealth
-
- Type: string
The health status of the organization centralization rule.
- RuleName
-
- Type: string
The name of the organization centralization rule.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryEvaluationStatus
$result = $client->getTelemetryEvaluationStatus([/* ... */]); $promise = $client->getTelemetryEvaluationStatusAsync([/* ... */]);
Returns the current onboarding status of the telemetry config feature, including the status of the feature and reason the feature failed to start or stop.
Parameter Syntax
$result = $client->getTelemetryEvaluationStatus([ ]);
Parameter Details
Members
Result Syntax
[
'FailureReason' => '<string>',
'Status' => 'NOT_STARTED|STARTING|FAILED_START|RUNNING|STOPPING|FAILED_STOP|STOPPED',
]
Result Details
Members
- FailureReason
-
- Type: string
Describes the reason for the failure status. The field will only be populated if
StatusisFAILED_STARTorFAILED_STOP. - Status
-
- Type: string
The onboarding status of the telemetry config feature.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryEvaluationStatusForOrganization
$result = $client->getTelemetryEvaluationStatusForOrganization([/* ... */]); $promise = $client->getTelemetryEvaluationStatusForOrganizationAsync([/* ... */]);
This returns the onboarding status of the telemetry configuration feature for the organization. It can only be called by a Management Account of an Amazon Web Services Organization or an assigned Delegated Admin Account of Amazon CloudWatch telemetry config.
Parameter Syntax
$result = $client->getTelemetryEvaluationStatusForOrganization([ ]);
Parameter Details
Members
Result Syntax
[
'FailureReason' => '<string>',
'Status' => 'NOT_STARTED|STARTING|FAILED_START|RUNNING|STOPPING|FAILED_STOP|STOPPED',
]
Result Details
Members
- FailureReason
-
- Type: string
This field describes the reason for the failure status. The field will only be populated if
StatusisFAILED_STARTorFAILED_STOP. - Status
-
- Type: string
The onboarding status of the telemetry config feature for the organization.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryRule
$result = $client->getTelemetryRule([/* ... */]); $promise = $client->getTelemetryRuleAsync([/* ... */]);
Retrieves the details of a specific telemetry rule in your account.
Parameter Syntax
$result = $client->getTelemetryRule([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the telemetry rule to retrieve.
Result Syntax
[
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'RuleArn' => '<string>',
'RuleName' => '<string>',
'TelemetryRule' => [
'DestinationConfiguration' => [
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetryType' => 'Logs|Metrics|Traces',
],
]
Result Details
Members
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry rule was created.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry rule was last updated.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule.
- RuleName
-
- Type: string
The name of the telemetry rule.
- TelemetryRule
-
- Type: TelemetryRule structure
The configuration details of the telemetry rule.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
GetTelemetryRuleForOrganization
$result = $client->getTelemetryRuleForOrganization([/* ... */]); $promise = $client->getTelemetryRuleForOrganizationAsync([/* ... */]);
Retrieves the details of a specific organization telemetry rule. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->getTelemetryRuleForOrganization([
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization telemetry rule to retrieve.
Result Syntax
[
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'RuleArn' => '<string>',
'RuleName' => '<string>',
'TelemetryRule' => [
'DestinationConfiguration' => [
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetryType' => 'Logs|Metrics|Traces',
],
]
Result Details
Members
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the organization telemetry rule was created.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the organization telemetry rule was last updated.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the organization telemetry rule.
- RuleName
-
- Type: string
The name of the organization telemetry rule.
- TelemetryRule
-
- Type: TelemetryRule structure
The configuration details of the organization telemetry rule.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListCentralizationRulesForOrganization
$result = $client->listCentralizationRulesForOrganization([/* ... */]); $promise = $client->listCentralizationRulesForOrganizationAsync([/* ... */]);
Lists all centralization rules in your organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->listCentralizationRulesForOrganization([
'AllRegions' => true || false,
'MaxResults' => <integer>,
'NextToken' => '<string>',
'RuleNamePrefix' => '<string>',
]);
Parameter Details
Members
- AllRegions
-
- Type: boolean
A flag determining whether to return organization centralization rules from all regions or only the current region.
- MaxResults
-
- Type: int
The maximum number of organization centralization rules to return in a single call.
- NextToken
-
- Type: string
The token for the next set of results. A previous call generates this token.
- RuleNamePrefix
-
- Type: string
A string to filter organization centralization rules whose names begin with the specified prefix.
Result Syntax
[
'CentralizationRuleSummaries' => [
[
'CreatedRegion' => '<string>',
'CreatedTimeStamp' => <integer>,
'CreatorAccountId' => '<string>',
'DestinationAccountId' => '<string>',
'DestinationRegion' => '<string>',
'FailureReason' => 'TRUSTED_ACCESS_NOT_ENABLED|DESTINATION_ACCOUNT_NOT_IN_ORGANIZATION|INTERNAL_SERVER_ERROR',
'LastUpdateTimeStamp' => <integer>,
'RuleArn' => '<string>',
'RuleHealth' => 'Healthy|Unhealthy|Provisioning',
'RuleName' => '<string>',
],
// ...
],
'NextToken' => '<string>',
]
Result Details
Members
- CentralizationRuleSummaries
-
- Type: Array of CentralizationRuleSummary structures
A list of centralization rule summaries.
- NextToken
-
- Type: string
A token to resume pagination of results.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListResourceTelemetry
$result = $client->listResourceTelemetry([/* ... */]); $promise = $client->listResourceTelemetryAsync([/* ... */]);
Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config. For more information, see Auditing CloudWatch telemetry configurations.
Parameter Syntax
$result = $client->listResourceTelemetry([
'MaxResults' => <integer>,
'NextToken' => '<string>',
'ResourceIdentifierPrefix' => '<string>',
'ResourceTags' => ['<string>', ...],
'ResourceTypes' => ['<string>', ...],
'TelemetryConfigurationState' => ['<string>', ...],
]);
Parameter Details
Members
- MaxResults
-
- Type: int
A number field used to limit the number of results within the returned list.
- NextToken
-
- Type: string
The token for the next set of items to return. A previous call generates this token.
- ResourceIdentifierPrefix
-
- Type: string
A string used to filter resources which have a
ResourceIdentifierstarting with theResourceIdentifierPrefix. - ResourceTags
-
- Type: Associative array of custom strings keys (TagKey) to strings
A key-value pair to filter resources based on tags associated with the resource. For more information about tags, see What are tags?
- ResourceTypes
-
- Type: Array of strings
A list of resource types used to filter resources supported by telemetry config. If this parameter is provided, the resources will be returned in the same order used in the request.
- TelemetryConfigurationState
-
- Type: Associative array of custom strings keys (TelemetryType) to strings
A key-value pair to filter resources based on the telemetry type and the state of the telemetry configuration. The key is the telemetry type and the value is the state.
Result Syntax
[
'NextToken' => '<string>',
'TelemetryConfigurations' => [
[
'AccountIdentifier' => '<string>',
'LastUpdateTimeStamp' => <integer>,
'ResourceIdentifier' => '<string>',
'ResourceTags' => ['<string>', ...],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'TelemetryConfigurationState' => ['<string>', ...],
],
// ...
],
]
Result Details
Members
- NextToken
-
- Type: string
The token for the next set of items to return. A previous call generates this token.
- TelemetryConfigurations
-
- Type: Array of TelemetryConfiguration structures
A list of telemetry configurations for Amazon Web Services resources supported by telemetry config in the caller's account.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListResourceTelemetryForOrganization
$result = $client->listResourceTelemetryForOrganization([/* ... */]); $promise = $client->listResourceTelemetryForOrganizationAsync([/* ... */]);
Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config in the organization.
Parameter Syntax
$result = $client->listResourceTelemetryForOrganization([
'AccountIdentifiers' => ['<string>', ...],
'MaxResults' => <integer>,
'NextToken' => '<string>',
'ResourceIdentifierPrefix' => '<string>',
'ResourceTags' => ['<string>', ...],
'ResourceTypes' => ['<string>', ...],
'TelemetryConfigurationState' => ['<string>', ...],
]);
Parameter Details
Members
- AccountIdentifiers
-
- Type: Array of strings
A list of Amazon Web Services accounts used to filter the resources to those associated with the specified accounts.
- MaxResults
-
- Type: int
A number field used to limit the number of results within the returned list.
- NextToken
-
- Type: string
The token for the next set of items to return. A previous call provides this token.
- ResourceIdentifierPrefix
-
- Type: string
A string used to filter resources in the organization which have a
ResourceIdentifierstarting with theResourceIdentifierPrefix. - ResourceTags
-
- Type: Associative array of custom strings keys (TagKey) to strings
A key-value pair to filter resources in the organization based on tags associated with the resource. Fore more information about tags, see What are tags?
- ResourceTypes
-
- Type: Array of strings
A list of resource types used to filter resources in the organization. If this parameter is provided, the resources will be returned in the same order used in the request.
- TelemetryConfigurationState
-
- Type: Associative array of custom strings keys (TelemetryType) to strings
A key-value pair to filter resources in the organization based on the telemetry type and the state of the telemetry configuration. The key is the telemetry type and the value is the state.
Result Syntax
[
'NextToken' => '<string>',
'TelemetryConfigurations' => [
[
'AccountIdentifier' => '<string>',
'LastUpdateTimeStamp' => <integer>,
'ResourceIdentifier' => '<string>',
'ResourceTags' => ['<string>', ...],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'TelemetryConfigurationState' => ['<string>', ...],
],
// ...
],
]
Result Details
Members
- NextToken
-
- Type: string
The token for the next set of items to return. A previous call provides this token.
- TelemetryConfigurations
-
- Type: Array of TelemetryConfiguration structures
A list of telemetry configurations for Amazon Web Services resources supported by telemetry config in the organization.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListTagsForResource
$result = $client->listTagsForResource([/* ... */]); $promise = $client->listTagsForResourceAsync([/* ... */]);
Lists all tags attached to the specified telemetry rule resource.
Parameter Syntax
$result = $client->listTagsForResource([
'ResourceARN' => '<string>', // REQUIRED
]);
Parameter Details
Members
- ResourceARN
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule resource whose tags you want to list.
Result Syntax
[
'Tags' => ['<string>', ...],
]
Result Details
Members
- Tags
-
- Required: Yes
- Type: Associative array of custom strings keys (String) to strings
The list of tags associated with the telemetry rule resource.
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListTelemetryRules
$result = $client->listTelemetryRules([/* ... */]); $promise = $client->listTelemetryRulesAsync([/* ... */]);
Lists all telemetry rules in your account. You can filter the results by specifying a rule name prefix.
Parameter Syntax
$result = $client->listTelemetryRules([
'MaxResults' => <integer>,
'NextToken' => '<string>',
'RuleNamePrefix' => '<string>',
]);
Parameter Details
Members
- MaxResults
-
- Type: int
The maximum number of telemetry rules to return in a single call.
- NextToken
-
- Type: string
The token for the next set of results. A previous call generates this token.
- RuleNamePrefix
-
- Type: string
A string to filter telemetry rules whose names begin with the specified prefix.
Result Syntax
[
'NextToken' => '<string>',
'TelemetryRuleSummaries' => [
[
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'RuleArn' => '<string>',
'RuleName' => '<string>',
'TelemetryType' => 'Logs|Metrics|Traces',
],
// ...
],
]
Result Details
Members
- NextToken
-
- Type: string
A token to resume pagination of results.
- TelemetryRuleSummaries
-
- Type: Array of TelemetryRuleSummary structures
A list of telemetry rule summaries.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
ListTelemetryRulesForOrganization
$result = $client->listTelemetryRulesForOrganization([/* ... */]); $promise = $client->listTelemetryRulesForOrganizationAsync([/* ... */]);
Lists all telemetry rules in your organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->listTelemetryRulesForOrganization([
'MaxResults' => <integer>,
'NextToken' => '<string>',
'RuleNamePrefix' => '<string>',
'SourceAccountIds' => ['<string>', ...],
'SourceOrganizationUnitIds' => ['<string>', ...],
]);
Parameter Details
Members
- MaxResults
-
- Type: int
The maximum number of organization telemetry rules to return in a single call.
- NextToken
-
- Type: string
The token for the next set of results. A previous call generates this token.
- RuleNamePrefix
-
- Type: string
A string to filter organization telemetry rules whose names begin with the specified prefix.
- SourceAccountIds
-
- Type: Array of strings
The list of account IDs to filter organization telemetry rules by their source accounts.
- SourceOrganizationUnitIds
-
- Type: Array of strings
The list of organizational unit IDs to filter organization telemetry rules by their source organizational units.
Result Syntax
[
'NextToken' => '<string>',
'TelemetryRuleSummaries' => [
[
'CreatedTimeStamp' => <integer>,
'LastUpdateTimeStamp' => <integer>,
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'RuleArn' => '<string>',
'RuleName' => '<string>',
'TelemetryType' => 'Logs|Metrics|Traces',
],
// ...
],
]
Result Details
Members
- NextToken
-
- Type: string
A token to resume pagination of results.
- TelemetryRuleSummaries
-
- Type: Array of TelemetryRuleSummary structures
A list of organization telemetry rule summaries.
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
StartTelemetryEvaluation
$result = $client->startTelemetryEvaluation([/* ... */]); $promise = $client->startTelemetryEvaluationAsync([/* ... */]);
This action begins onboarding the caller Amazon Web Services account to the telemetry config feature.
Parameter Syntax
$result = $client->startTelemetryEvaluation([ ]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
StartTelemetryEvaluationForOrganization
$result = $client->startTelemetryEvaluationForOrganization([/* ... */]); $promise = $client->startTelemetryEvaluationForOrganizationAsync([/* ... */]);
This actions begins onboarding the organization and all member accounts to the telemetry config feature.
Parameter Syntax
$result = $client->startTelemetryEvaluationForOrganization([ ]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
StopTelemetryEvaluation
$result = $client->stopTelemetryEvaluation([/* ... */]); $promise = $client->stopTelemetryEvaluationAsync([/* ... */]);
This action begins offboarding the caller Amazon Web Services account from the telemetry config feature.
Parameter Syntax
$result = $client->stopTelemetryEvaluation([ ]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
StopTelemetryEvaluationForOrganization
$result = $client->stopTelemetryEvaluationForOrganization([/* ... */]); $promise = $client->stopTelemetryEvaluationForOrganizationAsync([/* ... */]);
This action offboards the Organization of the caller Amazon Web Services account from the telemetry config feature.
Parameter Syntax
$result = $client->stopTelemetryEvaluationForOrganization([ ]);
Parameter Details
Members
Result Syntax
[]
Result Details
Errors
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
TagResource
$result = $client->tagResource([/* ... */]); $promise = $client->tagResourceAsync([/* ... */]);
Adds or updates tags for a telemetry rule resource.
Parameter Syntax
$result = $client->tagResource([
'ResourceARN' => '<string>', // REQUIRED
'Tags' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- ResourceARN
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule resource to tag.
- Tags
-
- Required: Yes
- Type: Associative array of custom strings keys (TagKey) to strings
The key-value pairs to add or update for the telemetry rule resource.
Result Syntax
[]
Result Details
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
UntagResource
$result = $client->untagResource([/* ... */]); $promise = $client->untagResourceAsync([/* ... */]);
Removes tags from a telemetry rule resource.
Parameter Syntax
$result = $client->untagResource([
'ResourceARN' => '<string>', // REQUIRED
'TagKeys' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- ResourceARN
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule resource to remove tags from.
- TagKeys
-
- Required: Yes
- Type: Array of strings
The list of tag keys to remove from the telemetry rule resource.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
UpdateCentralizationRuleForOrganization
$result = $client->updateCentralizationRuleForOrganization([/* ... */]); $promise = $client->updateCentralizationRuleForOrganizationAsync([/* ... */]);
Updates an existing centralization rule that applies across an Amazon Web Services Organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->updateCentralizationRuleForOrganization([
'Rule' => [ // REQUIRED
'Destination' => [ // REQUIRED
'Account' => '<string>',
'DestinationLogsConfiguration' => [
'BackupConfiguration' => [
'KmsKeyArn' => '<string>',
'Region' => '<string>', // REQUIRED
],
'LogsEncryptionConfiguration' => [
'EncryptionConflictResolutionStrategy' => 'ALLOW|SKIP',
'EncryptionStrategy' => 'CUSTOMER_MANAGED|AWS_OWNED', // REQUIRED
'KmsKeyArn' => '<string>',
],
],
'Region' => '<string>', // REQUIRED
],
'Source' => [ // REQUIRED
'Regions' => ['<string>', ...], // REQUIRED
'Scope' => '<string>',
'SourceLogsConfiguration' => [
'EncryptedLogGroupStrategy' => 'ALLOW|SKIP', // REQUIRED
'LogGroupSelectionCriteria' => '<string>', // REQUIRED
],
],
],
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: CentralizationRule structure
The configuration details for the organization-wide centralization rule, including the source configuration and the destination configuration to centralize telemetry data across the organization.
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization centralization rule to update.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the updated organization centralization rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
UpdateTelemetryRule
$result = $client->updateTelemetryRule([/* ... */]); $promise = $client->updateTelemetryRuleAsync([/* ... */]);
Updates an existing telemetry rule in your account.
Parameter Syntax
$result = $client->updateTelemetryRule([
'Rule' => [ // REQUIRED
'DestinationConfiguration' => [
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetryType' => 'Logs|Metrics|Traces', // REQUIRED
],
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: TelemetryRule structure
The new configuration details for the telemetry rule.
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the telemetry rule to update.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the updated telemetry rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
UpdateTelemetryRuleForOrganization
$result = $client->updateTelemetryRuleForOrganization([/* ... */]); $promise = $client->updateTelemetryRuleForOrganizationAsync([/* ... */]);
Updates an existing telemetry rule that applies across an Amazon Web Services Organization. This operation can only be called by the organization's management account or a delegated administrator account.
Parameter Syntax
$result = $client->updateTelemetryRuleForOrganization([
'Rule' => [ // REQUIRED
'DestinationConfiguration' => [
'DestinationPattern' => '<string>',
'DestinationType' => 'cloud-watch-logs',
'RetentionInDays' => <integer>,
'VPCFlowLogParameters' => [
'LogFormat' => '<string>',
'MaxAggregationInterval' => <integer>,
'TrafficType' => '<string>',
],
],
'ResourceType' => 'AWS::EC2::Instance|AWS::EC2::VPC|AWS::Lambda::Function',
'Scope' => '<string>',
'SelectionCriteria' => '<string>',
'TelemetryType' => 'Logs|Metrics|Traces', // REQUIRED
],
'RuleIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
- Rule
-
- Required: Yes
- Type: TelemetryRule structure
The new configuration details for the organization telemetry rule, including resource type, telemetry type, and destination configuration.
- RuleIdentifier
-
- Required: Yes
- Type: string
The identifier (name or ARN) of the organization telemetry rule to update.
Result Syntax
[
'RuleArn' => '<string>',
]
Result Details
Members
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the updated organization telemetry rule.
Errors
- ServiceQuotaExceededException:
The requested operation would exceed the allowed quota for the specified resource type.
- ResourceNotFoundException:
The specified resource (such as a telemetry rule) could not be found.
- AccessDeniedException:
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
- InternalServerException:
Indicates the request has failed to process because of an unknown server error, exception, or failure.
- ValidationException:
Indicates input validation failed. Check your request parameters and retry the request.
- TooManyRequestsException:
The request throughput limit was exceeded.
Shapes
AccessDeniedException
Description
Indicates you don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access management for Amazon Web Services resources in the IAM user guide.
Members
- Message
-
- Type: string
- amznErrorType
-
- Type: string
The name of the exception.
CentralizationRule
Description
Defines how telemetry data should be centralized across an Amazon Web Services Organization, including source and destination configurations.
Members
- Destination
-
- Required: Yes
- Type: CentralizationRuleDestination structure
Configuration determining where the telemetry data should be centralized, backed up, as well as encryption configuration for the primary and backup destinations.
- Source
-
- Required: Yes
- Type: CentralizationRuleSource structure
Configuration determining the source of the telemetry data to be centralized.
CentralizationRuleDestination
Description
Configuration specifying the primary destination for centralized telemetry data.
Members
- Account
-
- Type: string
The destination account (within the organization) to which the telemetry data should be centralized.
- DestinationLogsConfiguration
-
- Type: DestinationLogsConfiguration structure
Log specific configuration for centralization destination log groups.
- Region
-
- Required: Yes
- Type: string
The primary destination region to which telemetry data should be centralized.
CentralizationRuleSource
Description
Configuration specifying the source of telemetry data to be centralized.
Members
- Regions
-
- Required: Yes
- Type: Array of strings
The list of source regions from which telemetry data should be centralized.
- Scope
-
- Type: string
The organizational scope from which telemetry data should be centralized, specified using organization id, accounts or organizational unit ids.
- SourceLogsConfiguration
-
- Type: SourceLogsConfiguration structure
Log specific configuration for centralization source log groups.
CentralizationRuleSummary
Description
A summary of a centralization rule's key properties and status.
Members
- CreatedRegion
-
- Type: string
The Amazon Web Services region where the organization centralization rule was created.
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the organization centralization rule was created.
- CreatorAccountId
-
- Type: string
The Amazon Web Services Account that created the organization centralization rule.
- DestinationAccountId
-
- Type: string
The primary destination account of the organization centralization rule.
- DestinationRegion
-
- Type: string
The primary destination region of the organization centralization rule.
- FailureReason
-
- Type: string
The reason why an organization centralization rule is marked UNHEALTHY.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the organization centralization rule was last updated.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the organization centralization rule.
- RuleHealth
-
- Type: string
The health status of the organization centralization rule.
- RuleName
-
- Type: string
The name of the organization centralization rule.
ConflictException
Description
The requested operation conflicts with the current state of the specified resource or with another request.
Members
- Message
-
- Type: string
DestinationLogsConfiguration
Description
Configuration for centralization destination log groups, including encryption and backup settings.
Members
- BackupConfiguration
-
- Type: LogsBackupConfiguration structure
Configuration defining the backup region and an optional KMS key for the backup destination.
- LogsEncryptionConfiguration
-
- Type: LogsEncryptionConfiguration structure
The encryption configuration for centralization destination log groups.
InternalServerException
Description
Indicates the request has failed to process because of an unknown server error, exception, or failure.
Members
- Message
-
- Type: string
- amznErrorType
-
- Type: string
The name of the exception.
LogsBackupConfiguration
Description
Configuration for backing up centralized log data to a secondary region.
Members
- KmsKeyArn
-
- Type: string
KMS Key arn belonging to the primary destination account and backup region, to encrypt newly created central log groups in the backup destination.
- Region
-
- Required: Yes
- Type: string
Logs specific backup destination region within the primary destination account to which log data should be centralized.
LogsEncryptionConfiguration
Description
Configuration for encrypting centralized log groups. This configuration is only applied to destination log groups for which the corresponding source log groups are encrypted using Customer Managed KMS Keys.
Members
- EncryptionConflictResolutionStrategy
-
- Type: string
Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key. ALLOW lets centralization go through while SKIP prevents centralization into the destination log group.
- EncryptionStrategy
-
- Required: Yes
- Type: string
Configuration that determines the encryption strategy of the destination log groups. CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups.
- KmsKeyArn
-
- Type: string
KMS Key arn belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination.
ResourceNotFoundException
Description
The specified resource (such as a telemetry rule) could not be found.
Members
- Message
-
- Type: string
ServiceQuotaExceededException
Description
The requested operation would exceed the allowed quota for the specified resource type.
Members
- Message
-
- Type: string
- amznErrorType
-
- Type: string
The name of the exception.
SourceLogsConfiguration
Description
Configuration for selecting and handling source log groups for centralization.
Members
- EncryptedLogGroupStrategy
-
- Required: Yes
- Type: string
A strategy determining whether to centralize source log groups that are encrypted with customer managed KMS keys (CMK). ALLOW will consider CMK encrypted source log groups for centralization while SKIP will skip CMK encrypted source log groups from centralization.
- LogGroupSelectionCriteria
-
- Required: Yes
- Type: string
The selection criteria that specifies which source log groups to centralize. The selection criteria uses the same format as OAM link filters.
TelemetryConfiguration
Description
A model representing the state of a resource within an account according to telemetry config.
Members
- AccountIdentifier
-
- Type: string
The account ID which contains the resource managed in telemetry configuration. An example of a valid account ID is
012345678901. - LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp of the last change to the telemetry configuration for the resource. For example,
1728679196318. - ResourceIdentifier
-
- Type: string
The identifier of the resource, for example
i-0b22a22eec53b9321. - ResourceTags
-
- Type: Associative array of custom strings keys (String) to strings
Tags associated with the resource, for example
{ Name: "ExampleInstance", Environment: "Development" }. - ResourceType
-
- Type: string
The type of resource, for example
Amazon Web Services::EC2::Instance. - TelemetryConfigurationState
-
- Type: Associative array of custom strings keys (TelemetryType) to strings
The configuration state for the resource, for example
{ Logs: NotApplicable; Metrics: Enabled; Traces: NotApplicable; }.
TelemetryDestinationConfiguration
Description
Configuration specifying where and how telemetry data should be delivered for Amazon Web Services resources.
Members
- DestinationPattern
-
- Type: string
The pattern used to generate the destination path or name, supporting macros like <resourceId> and <accountId>.
- DestinationType
-
- Type: string
The type of destination for the telemetry data (e.g., "Amazon CloudWatch Logs", "S3").
- RetentionInDays
-
- Type: int
The number of days to retain the telemetry data in the destination.
- VPCFlowLogParameters
-
- Type: VPCFlowLogParameters structure
Configuration parameters specific to VPC Flow Logs when VPC is the resource type.
TelemetryRule
Description
Defines how telemetry should be configured for specific Amazon Web Services resources.
Members
- DestinationConfiguration
-
- Type: TelemetryDestinationConfiguration structure
Configuration specifying where and how the telemetry data should be delivered.
- ResourceType
-
- Type: string
The type of Amazon Web Services resource to configure telemetry for (e.g., "AWS::EC2::VPC").
- Scope
-
- Type: string
The organizational scope to which the rule applies, specified using accounts or organizational units.
- SelectionCriteria
-
- Type: string
Criteria for selecting which resources the rule applies to, such as resource tags.
- TelemetryType
-
- Required: Yes
- Type: string
The type of telemetry to collect (Logs, Metrics, or Traces).
TelemetryRuleSummary
Description
A summary of a telemetry rule's key properties.
Members
- CreatedTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry rule was created.
- LastUpdateTimeStamp
-
- Type: long (int|float)
The timestamp when the telemetry rule was last modified.
- ResourceType
-
- Type: string
The type of Amazon Web Services resource the rule applies to.
- RuleArn
-
- Type: string
The Amazon Resource Name (ARN) of the telemetry rule.
- RuleName
-
- Type: string
The name of the telemetry rule.
- TelemetryType
-
- Type: string
The type of telemetry (Logs, Metrics, or Traces) the rule configures.
TooManyRequestsException
Description
The request throughput limit was exceeded.
Members
- Message
-
- Type: string
VPCFlowLogParameters
Description
Configuration parameters specific to VPC Flow Logs.
Members
- LogFormat
-
- Type: string
The format in which VPC Flow Log entries should be logged.
- MaxAggregationInterval
-
- Type: int
The maximum interval in seconds between the capture of flow log records.
- TrafficType
-
- Type: string
The type of traffic to log (ACCEPT, REJECT, or ALL).
ValidationException
Description
Indicates input validation failed. Check your request parameters and retry the request.
Members
- Message
-
- Type: string