CloudWatchObservabilityAdminService / Client / create_telemetry_rule
create_telemetry_rule¶
- CloudWatchObservabilityAdminService.Client.create_telemetry_rule(**kwargs)¶
Creates a telemetry rule that defines how telemetry should be configured for Amazon Web Services resources in your account. The rule specifies which resources should have telemetry enabled and how that telemetry data should be collected based on resource type, telemetry type, and selection criteria.
See also: AWS API Documentation
Request Syntax
response = client.create_telemetry_rule( RuleName='string', Rule={ 'ResourceType': 'AWS::EC2::Instance'|'AWS::EC2::VPC'|'AWS::Lambda::Function'|'AWS::CloudTrail'|'AWS::EKS::Cluster'|'AWS::WAFv2::WebACL'|'AWS::ElasticLoadBalancingV2::LoadBalancer'|'AWS::Route53Resolver::ResolverEndpoint'|'AWS::BedrockAgentCore::Runtime'|'AWS::BedrockAgentCore::Browser'|'AWS::BedrockAgentCore::CodeInterpreter', 'TelemetryType': 'Logs'|'Metrics'|'Traces', 'TelemetrySourceTypes': [ 'VPC_FLOW_LOGS'|'ROUTE53_RESOLVER_QUERY_LOGS'|'EKS_AUDIT_LOGS'|'EKS_AUTHENTICATOR_LOGS'|'EKS_CONTROLLER_MANAGER_LOGS'|'EKS_SCHEDULER_LOGS'|'EKS_API_LOGS', ], 'DestinationConfiguration': { 'DestinationType': 'cloud-watch-logs', 'DestinationPattern': 'string', 'RetentionInDays': 123, 'VPCFlowLogParameters': { 'LogFormat': 'string', 'TrafficType': 'string', 'MaxAggregationInterval': 123 }, 'CloudtrailParameters': { 'AdvancedEventSelectors': [ { 'Name': 'string', 'FieldSelectors': [ { 'Field': 'string', 'Equals': [ 'string', ], 'StartsWith': [ 'string', ], 'EndsWith': [ 'string', ], 'NotEquals': [ 'string', ], 'NotStartsWith': [ 'string', ], 'NotEndsWith': [ 'string', ] }, ] }, ] }, 'ELBLoadBalancerLoggingParameters': { 'OutputFormat': 'plain'|'json', 'FieldDelimiter': 'string' }, 'WAFLoggingParameters': { 'RedactedFields': [ { 'SingleHeader': { 'Name': 'string' }, 'UriPath': 'string', 'QueryString': 'string', 'Method': 'string' }, ], 'LoggingFilter': { 'Filters': [ { 'Behavior': 'KEEP'|'DROP', 'Requirement': 'MEETS_ALL'|'MEETS_ANY', 'Conditions': [ { 'ActionCondition': { 'Action': 'ALLOW'|'BLOCK'|'COUNT'|'CAPTCHA'|'CHALLENGE'|'EXCLUDED_AS_COUNT' }, 'LabelNameCondition': { 'LabelName': 'string' } }, ] }, ], 'DefaultBehavior': 'KEEP'|'DROP' }, 'LogType': 'WAF_LOGS' }, 'LogDeliveryParameters': { 'LogTypes': [ 'APPLICATION_LOGS'|'USAGE_LOGS', ] } }, 'Scope': 'string', 'SelectionCriteria': 'string' }, Tags={ 'string': 'string' } )
- Parameters:
RuleName (string) –
[REQUIRED]
A unique name for the telemetry rule being created.
Rule (dict) –
[REQUIRED]
The configuration details for the telemetry rule, including the resource type, telemetry type, destination configuration, and selection criteria for which resources the rule applies to.
ResourceType (string) –
The type of Amazon Web Services resource to configure telemetry for (e.g., “AWS::EC2::VPC”, “AWS::EKS::Cluster”, “AWS::WAFv2::WebACL”).
TelemetryType (string) – [REQUIRED]
The type of telemetry to collect (Logs, Metrics, or Traces).
TelemetrySourceTypes (list) –
The specific telemetry source types to configure for the resource, such as VPC_FLOW_LOGS or EKS_AUDIT_LOGS. TelemetrySourceTypes must be correlated with the specific resource type.
(string) –
Specifies the type of telemetry source for a resource, such as EKS cluster logs.
DestinationConfiguration (dict) –
Configuration specifying where and how the telemetry data should be delivered.
DestinationType (string) –
The type of destination for the telemetry data (e.g., “Amazon CloudWatch Logs”, “S3”).
DestinationPattern (string) –
The pattern used to generate the destination path or name, supporting macros like <resourceId> and <accountId>.
RetentionInDays (integer) –
The number of days to retain the telemetry data in the destination.
VPCFlowLogParameters (dict) –
Configuration parameters specific to VPC Flow Logs when VPC is the resource type.
LogFormat (string) –
The format in which VPC Flow Log entries should be logged.
TrafficType (string) –
The type of traffic to log (ACCEPT, REJECT, or ALL).
MaxAggregationInterval (integer) –
The maximum interval in seconds between the capture of flow log records.
CloudtrailParameters (dict) –
Configuration parameters specific to Amazon Web Services CloudTrail when CloudTrail is the source type.
AdvancedEventSelectors (list) – [REQUIRED]
The advanced event selectors to use for filtering Amazon Web Services CloudTrail events.
(dict) –
Advanced event selectors let you create fine-grained selectors for management, data, and network activity events.
Name (string) –
An optional, descriptive name for an advanced event selector, such as “Log data events for only two S3 buckets”.
FieldSelectors (list) – [REQUIRED]
Contains all selector statements in an advanced event selector.
(dict) –
Defines criteria for selecting resources based on field values.
Field (string) – [REQUIRED]
The name of the field to use for selection.
Equals (list) –
Matches if the field value equals the specified value.
(string) –
StartsWith (list) –
Matches if the field value starts with the specified value.
(string) –
EndsWith (list) –
Matches if the field value ends with the specified value.
(string) –
NotEquals (list) –
Matches if the field value does not equal the specified value.
(string) –
NotStartsWith (list) –
Matches if the field value does not start with the specified value.
(string) –
NotEndsWith (list) –
Matches if the field value does not end with the specified value.
(string) –
ELBLoadBalancerLoggingParameters (dict) –
Configuration parameters specific to ELB load balancer logging when ELB is the resource type.
OutputFormat (string) –
The format for ELB access log entries (plain text or JSON format).
FieldDelimiter (string) –
The delimiter character used to separate fields in ELB access log entries when using plain text format.
WAFLoggingParameters (dict) –
Configuration parameters specific to WAF logging when WAF is the resource type.
RedactedFields (list) –
The fields to redact from WAF logs to protect sensitive information.
(dict) –
Specifies a field in the request to redact from WAF logs, such as headers, query parameters, or body content.
SingleHeader (dict) –
Redacts a specific header field by name from WAF logs.
Name (string) –
The name value, limited to 64 characters.
UriPath (string) –
Redacts the URI path from WAF logs.
QueryString (string) –
Redacts the entire query string from WAF logs.
Method (string) –
Redacts the HTTP method from WAF logs.
LoggingFilter (dict) –
A filter configuration that determines which WAF log records to include or exclude.
Filters (list) –
A list of filter conditions that determine log record handling behavior.
(dict) –
A single filter condition that specifies behavior, requirement, and matching conditions for WAF log records.
Behavior (string) –
The action to take for log records matching this filter (KEEP or DROP).
Requirement (string) –
Whether the log record must meet all conditions (MEETS_ALL) or any condition (MEETS_ANY) to match this filter.
Conditions (list) –
The list of conditions that determine if a log record matches this filter.
(dict) –
A single condition that can match based on WAF rule action or label name.
ActionCondition (dict) –
Matches log records based on the WAF rule action taken (ALLOW, BLOCK, COUNT, etc.).
Action (string) –
The WAF action to match against (ALLOW, BLOCK, COUNT, CAPTCHA, CHALLENGE, EXCLUDED_AS_COUNT).
LabelNameCondition (dict) –
Matches log records based on WAF rule labels applied to the request.
LabelName (string) –
The label name to match, supporting alphanumeric characters, underscores, hyphens, and colons.
DefaultBehavior (string) –
The default action (KEEP or DROP) for log records that don’t match any filter conditions.
LogType (string) –
The type of WAF logs to collect (currently supports WAF_LOGS).
LogDeliveryParameters (dict) –
Configuration parameters specific to Amazon Bedrock AgentCore logging when Amazon Bedrock AgentCore is the resource type.
LogTypes (list) –
The type of log that the source is sending.
(string) –
Scope (string) –
The organizational scope to which the rule applies, specified using accounts or organizational units.
SelectionCriteria (string) –
Criteria for selecting which resources the rule applies to, such as resource tags.
Tags (dict) –
The key-value pairs to associate with the telemetry rule resource for categorization and management purposes.
(string) –
(string) –
- Return type:
dict
- Returns:
Response Syntax
{ 'RuleArn': 'string' }
Response Structure
(dict) –
RuleArn (string) –
The Amazon Resource Name (ARN) of the created telemetry rule.
Exceptions
CloudWatchObservabilityAdminService.Client.exceptions.ServiceQuotaExceededExceptionCloudWatchObservabilityAdminService.Client.exceptions.ConflictExceptionCloudWatchObservabilityAdminService.Client.exceptions.AccessDeniedExceptionCloudWatchObservabilityAdminService.Client.exceptions.InternalServerExceptionCloudWatchObservabilityAdminService.Client.exceptions.ValidationExceptionCloudWatchObservabilityAdminService.Client.exceptions.TooManyRequestsException