Creates a centralization rule that applies across an Amazon Web Services Organization.

This operation can only be called by the organization's management account or a delegated administrator account.

Creates an integration between CloudWatch and S3 Tables for analytics.

This integration enables querying CloudWatch telemetry data using analytics engines like Amazon Athena, Amazon Redshift, and Apache Spark.

Creates a telemetry pipeline for processing and transforming telemetry data.

The pipeline defines how data flows from sources through processors to destinations, enabling data transformation and delivering capabilities.

Creates a telemetry rule that defines how telemetry should be configured for Amazon Web Services resources in your account.

The rule specifies which resources should have telemetry enabled and how that telemetry data should be collected based on resource type, telemetry type, and selection criteria.

Creates a telemetry rule that applies across an Amazon Web Services Organization.

This operation can only be called by the organization's management account or a delegated administrator account.

Deletes an organization-wide centralization rule.

This operation can only be called by the organization's management account or a delegated administrator account.

Deletes an S3 Table integration and its associated data.

This operation removes the connection between CloudWatch Observability Admin and S3 Tables.

Deletes a telemetry pipeline and its associated resources.

This operation stops data processing and removes the pipeline configuration.

Deletes a telemetry rule from your account.

Any telemetry configurations previously created by the rule will remain but no new resources will be configured by this rule.

Deletes an organization-wide telemetry rule.

This operation can only be called by the organization's management account or a delegated administrator account.

Retrieves the details of a specific organization centralization rule.

This operation can only be called by the organization's management account or a delegated administrator account.

Retrieves information about a specific S3 Table integration, including its configuration, status, and metadata.

Returns the current status of the resource tags for telemetry feature, which enhances telemetry data with additional resource metadata from Resource Explorer.

Returns the current onboarding status of the telemetry config feature, including the status of the feature and reason the feature failed to start or stop.

This returns the onboarding status of the telemetry configuration feature for the organization.

It can only be called by a Management Account of an Amazon Web Services Organization or an assigned Delegated Admin Account of Amazon CloudWatch telemetry config.

Retrieves information about a specific telemetry pipeline, including its configuration, status, and metadata.

Retrieves the details of a specific telemetry rule in your account.

Retrieves the details of a specific organization telemetry rule.

This operation can only be called by the organization's management account or a delegated administrator account.

Lists all centralization rules in your organization.

This operation can only be called by the organization's management account or a delegated administrator account.

Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config.

For more information, see Auditing CloudWatch telemetry configurations.

Returns a list of telemetry configurations for Amazon Web Services resources supported by telemetry config in the organization.

Lists all S3 Table integrations in your account.

We recommend using pagination to ensure that the operation returns quickly and successfully.

Lists all tags attached to the specified resource.

Supports telemetry rule resources and telemetry pipeline resources.

Returns a list of telemetry pipelines in your account.

Returns up to 100 results. If more than 100 telemetry pipelines exist, include the NextToken value from the response to retrieve the next set of results.

Lists all telemetry rules in your account.

You can filter the results by specifying a rule name prefix.

Lists all telemetry rules in your organization.

This operation can only be called by the organization's management account or a delegated administrator account.

Enables the resource tags for telemetry feature for your account, which enhances telemetry data with additional resource metadata from Resource Explorer to provide richer context for monitoring and observability.

This action begins onboarding the caller Amazon Web Services account to the telemetry config feature.

This actions begins onboarding the organization and all member accounts to the telemetry config feature.

Disables the resource tags for telemetry feature for your account, stopping the enhancement of telemetry data with additional resource metadata.

This action begins offboarding the caller Amazon Web Services account from the telemetry config feature.

This action offboards the Organization of the caller Amazon Web Services account from the telemetry config feature.

Adds or updates tags for a resource.

Supports telemetry rule resources and telemetry pipeline resources.

Tests a pipeline configuration with sample records to validate data processing before deployment.

This operation helps ensure your pipeline configuration works as expected.

Removes tags from a resource.

Supports telemetry rule resources and telemetry pipeline resources.

Updates an existing centralization rule that applies across an Amazon Web Services Organization.

This operation can only be called by the organization's management account or a delegated administrator account.

Updates the configuration of an existing telemetry pipeline.

The following attributes cannot be updated after pipeline creation:

Pipeline name - The pipeline name is immutable

Pipeline ARN - The ARN is automatically generated and cannot be changed

Source type - Once a pipeline is created with a specific source type (such as S3, CloudWatch Logs, GitHub, or third-party sources), it cannot be changed to a different source type

Processors can be added, removed, or modified. However, some processors are not supported for third-party pipelines and cannot be added through updates.

source-specific-update-rules

Source-Specific Update Rules

definitions

Definitions

cloudwatch-logs-sources-vended-and-custom

CloudWatch Logs Sources (Vended and Custom)

Updatable: sts_role_arn

Fixed: data_source_name, data_source_type, sink (must remain @original)

s3-sources-crowdstrike-zscaler-sentinelone-custom

S3 Sources (Crowdstrike, Zscaler, SentinelOne, Custom)

Updatable: All SQS configuration parameters, sts_role_arn, codec settings, compression type, bucket ownership settings, sink log group

Fixed: notification_type, aws.region

github-audit-logs

GitHub Audit Logs

Updatable: All Amazon Web Services Secrets Manager attributes, scope (can switch between ORGANIZATION/ENTERPRISE), organization or enterprise name, range, authentication credentials (PAT or GitHub App)

microsoft-sources-entra-id-office365-windows

Microsoft Sources (Entra ID, Office365, Windows)

Updatable: All Amazon Web Services Secrets Manager attributes, tenant_id, workspace_id (Windows only), OAuth2 credentials (client_id, client_secret)

okta-sources-sso-auth0

Okta Sources (SSO, Auth0)

Updatable: All Amazon Web Services Secrets Manager attributes, domain, range, OAuth2 credentials (client_id, client_secret)

palo-alto-networks

Palo Alto Networks

Updatable: All Amazon Web Services Secrets Manager attributes, hostname, basic authentication credentials (username, password)

servicenow-cmdb

ServiceNow CMDB

Updatable: All Amazon Web Services Secrets Manager attributes, instance_url, range, OAuth2 credentials (client_id, client_secret)

wiz-cnapp

Wiz CNAPP

Updatable: All Amazon Web Services Secrets Manager attributes, region, range, OAuth2 credentials (client_id, client_secret)

Updates an existing telemetry rule in your account.

If multiple users attempt to modify the same telemetry rule simultaneously, a ConflictException is returned to provide specific error information for concurrent modification scenarios.

Updates an existing telemetry rule that applies across an Amazon Web Services Organization.

This operation can only be called by the organization's management account or a delegated administrator account.

Validates a pipeline configuration without creating the pipeline.

This operation checks the configuration for syntax errors and compatibility issues.