Skip to content

Put Delivery Source

cloudwatchlogs_put_delivery_source R Documentation

Creates or updates a logical delivery source

Description

Creates or updates a logical delivery source. A delivery source represents an Amazon Web Services resource that sends logs to an logs delivery destination. The destination can be CloudWatch Logs, Amazon S3, Firehose or X-Ray for sending traces.

To configure logs delivery between a delivery destination and an Amazon Web Services service that is supported as a delivery source, you must do the following:

  • Use put_delivery_source to create a delivery source, which is a logical object that represents the resource that is actually sending the logs.

  • Use put_delivery_destination to create a delivery destination, which is a logical object that represents the actual delivery destination. For more information, see put_delivery_destination.

  • If you are delivering logs cross-account, you must use put_delivery_destination_policy in the destination account to assign an IAM policy to the destination. This policy allows delivery to that destination.

  • Use create_delivery to create a delivery by pairing exactly one delivery source and one delivery destination. For more information, see create_delivery.

You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.

Only some Amazon Web Services services support being configured as a delivery source. These services are listed as Supported [V2 Permissions] in the table at Enabling logging from Amazon Web Services services.

If you use this operation to update an existing delivery source, all the current delivery source parameters are overwritten with the new parameter values that you specify.

Usage

cloudwatchlogs_put_delivery_source(name, resourceArn, logType, tags,
  deliverySourceConfiguration)

Arguments

name

[required] A name for this delivery source. This name must be unique for all delivery sources in your account.
resourceArn

[required] The ARN of the Amazon Web Services resource that is generating and sending logs. For example, ⁠arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234⁠

For the SECURITY_FINDING_LOGS logType, use a wildcard ARN for the hub resource. For Amazon Web Services Security Hub CSPM, use ⁠arn:aws:securityhub:us-east-1:111122223333:hub/*⁠ and for Amazon Web Services Security Hub, use ⁠arn:aws:securityhub:us-east-1:111122223333:hubv2/*⁠
logType

[required] Defines the type of log that the source is sending.

  • For Amazon Bedrock Agents, the valid values are APPLICATION_LOGS and EVENT_LOGS.

  • For Amazon Bedrock Knowledge Bases, the valid value is APPLICATION_LOGS.

  • For Amazon Bedrock AgentCore Runtime, the valid values are APPLICATION_LOGS, USAGE_LOGS and TRACES.

  • For Amazon Bedrock AgentCore Tools, the valid values are APPLICATION_LOGS, USAGE_LOGS and TRACES.

  • For Amazon Bedrock AgentCore Identity, the valid values are APPLICATION_LOGS and TRACES.

  • For Amazon Bedrock AgentCore Memory, the valid values are APPLICATION_LOGS and TRACES.

  • For Amazon Bedrock AgentCore Gateway, the valid values are APPLICATION_LOGS and TRACES.

  • For CloudFront, the valid value is ACCESS_LOGS.

  • For DevOps Agent, the valid value is APPLICATION_LOGS.

  • For Amazon CodeWhisperer, the valid value is EVENT_LOGS.

  • For Elemental MediaPackage, the valid values are EGRESS_ACCESS_LOGS and INGRESS_ACCESS_LOGS.

  • For Elemental MediaTailor, the valid values are AD_DECISION_SERVER_LOGS, MANIFEST_SERVICE_LOGS, and TRANSCODE_LOGS.

  • For Amazon EKS Auto Mode, the valid values are AUTO_MODE_BLOCK_STORAGE_LOGS, AUTO_MODE_COMPUTE_LOGS, AUTO_MODE_IPAM_LOGS, and AUTO_MODE_LOAD_BALANCING_LOGS.

  • For Entity Resolution, the valid value is WORKFLOW_LOGS.

  • For IAM Identity Center, the valid value is ERROR_LOGS.

  • For Network Firewall Proxy, the valid values are ALERT_LOGS, ALLOW_LOGS, and DENY_LOGS.

  • For Network Load Balancer, the valid value is NLB_ACCESS_LOGS.

  • For PCS, the valid values are PCS_SCHEDULER_LOGS, PCS_JOBCOMP_LOGS, and PCS_SCHEDULER_AUDIT_LOGS.

  • For Quick, the valid values are CHAT_LOGS and FEEDBACK_LOGS.

  • For Amazon Web Services RTB Fabric, the valid values is APPLICATION_LOGS.

  • For Amazon Q, the valid values are EVENT_LOGS and SYNC_JOB_LOGS.

  • For Amazon Web Services Security Hub CSPM, the valid value is SECURITY_FINDING_LOGS.

  • For Amazon Web Services Security Hub, the valid value is SECURITY_FINDING_LOGS.

  • For Amazon SES mail manager, the valid values are APPLICATION_LOGS and TRAFFIC_POLICY_DEBUG_LOGS.

  • For Amazon WorkMail, the valid values are ACCESS_CONTROL_LOGS, AUTHENTICATION_LOGS, WORKMAIL_AVAILABILITY_PROVIDER_LOGS, WORKMAIL_MAILBOX_ACCESS_LOGS, and WORKMAIL_PERSONAL_ACCESS_TOKEN_LOGS.

  • For Amazon VPC Route Server, the valid value is EVENT_LOGS.
tags

An optional list of key-value pairs to associate with the resource.

For more information about tagging, see Tagging Amazon Web Services resources
deliverySourceConfiguration

A map of key-value pairs to configure the delivery source. Both keys and values must be between 1 and 255 characters in length. For example, {"samplingRate": "50"}.

Value

A list with the following syntax:

list(
  deliverySource = list(
    name = "string",
    arn = "string",
    resourceArns = list(
      "string"
    ),
    service = "string",
    logType = "string",
    tags = list(
      "string"
    ),
    deliverySourceConfiguration = list(
      "string"
    ),
    status = "ACTIVE"|"INACTIVE",
    statusReason = "RESOURCE_DELETED"
  )
)

Request syntax

svc$put_delivery_source(
  name = "string",
  resourceArn = "string",
  logType = "string",
  tags = list(
    "string"
  ),
  deliverySourceConfiguration = list(
    "string"
  )
)