AWS GovCloud (US-West) User Guide
AWS GovCloud (US-West) User Guide

Amazon CloudWatch Logs

Use CloudWatch Logs to monitor, store, and access your log files from Amazon EC2 instances, AWS CloudTrail, or other sources.

The following list details the differences for using this service in the AWS GovCloud (US-West) Region compared to other AWS Regions:

  • Use SSL (HTTPS) when you make calls to the service in the AWS GovCloud (US-West) Region. In other AWS Regions, you can use HTTP or HTTPS.

For more information about CloudWatch Logs, see the CloudWatch Logs documentation.

ITAR Boundary

AWS GovCloud (US) has an ITAR boundary, which defines where customers are allowed to store ITAR-controlled data for this service in the AWS GovCloud (US-West) Region. To maintain ITAR compliance, you must place ITAR-controlled data on the applicable part of the ITAR boundary. If you do not have any ITAR-controlled data in the AWS GovCloud (US-West) Region, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted

ITAR-Regulated Data Not Permitted

Not applicable

No ITAR-regulated data may be entered, stored, or processed by CloudWatch Logs. For example, CloudWatch Logs metadata is not permitted to contain ITAR-regulated data.

For example, do not enter ITAR-regulated data in the following fields:

  • Monitor configuration names

  • Descriptions

  • Trigger names

  • Metric names

  • Log group tags

On this page: