UpdateSubscriber - Amazon Security Lake


Updates an existing subscription for the given Amazon Security Lake account ID. You can update a subscriber by changing the sources that the subscriber consumes data from.

Request Syntax

PUT /v1/subscribers/subscriberId HTTP/1.1 Content-type: application/json { "sources": [ { ... } ], "subscriberDescription": "string", "subscriberIdentity": { "externalId": "string", "principal": "string" }, "subscriberName": "string" }

URI Request Parameters

The request uses the following URI parameters.


A value created by Security Lake that uniquely identifies your subscription.

Pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$

Required: Yes

Request Body

The request accepts the following data in JSON format.


The supported AWS services from which logs and events are collected. For the list of supported AWS services, see the Amazon Security Lake User Guide.

Type: Array of LogSourceResource objects

Required: No


The description of the Security Lake account subscriber.

Type: String

Pattern: ^[\\\w\s\-_:/,.@=+]*$

Required: No


The AWS identity used to access your data.

Type: AwsIdentity object

Required: No


The name of the Security Lake account subscriber.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 64.

Pattern: ^[\\\w\-_:/.@=+]*$

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "subscriber": { "accessTypes": [ "string" ], "createdAt": "string", "resourceShareArn": "string", "resourceShareName": "string", "roleArn": "string", "s3BucketArn": "string", "sources": [ { ... } ], "subscriberArn": "string", "subscriberDescription": "string", "subscriberEndpoint": "string", "subscriberId": "string", "subscriberIdentity": { "externalId": "string", "principal": "string" }, "subscriberName": "string", "subscriberStatus": "string", "updatedAt": "string" } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


The updated subscriber information.

Type: SubscriberResource object


For information about the errors that are common to all actions, see Common Errors.


You do not have sufficient access to perform this action. Access denied errors appear when Amazon Security Lake explicitly or implicitly denies an authorization request. An explicit denial occurs when a policy contains a Deny statement for the specific AWS action. An implicit denial occurs when there is no applicable Deny statement and also no applicable Allow statement.

HTTP Status Code: 403


The request is malformed or contains an error such as an invalid parameter value or a missing required parameter.

HTTP Status Code: 400


Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

HTTP Status Code: 409


Internal service exceptions are sometimes caused by transient issues. Before you start troubleshooting, perform the operation again.

HTTP Status Code: 500


The resource could not be found.

HTTP Status Code: 404


The limit on the number of requests per second was exceeded.

HTTP Status Code: 429

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: