-
Notifications
You must be signed in to change notification settings - Fork 16
/
cloudwatch_observability.aws.txt
89 lines (61 loc) · 4.85 KB
/
cloudwatch_observability.aws.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
CLOUDWATCH_OBSERVABILITY
TODO ==>
- https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html
- limits: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_limits.html
- https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Cross-Account-Cross-Region.html
- https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_crossaccount_dashboard.html
- https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_xaxr_dashboard.html
VERSION ==> #See CloudWatch doc
SUMMARY ==> #???
/=+===============================+=\
/ : : \
)==: API :==(
\ :_______________________________: /
\=+===============================+=/
SERVICE_DOMAIN
FORMAT ==>
PAGINATION ==> #See CloudWatch doc
PRICING ==> #???
/=+===============================+=\
/ : : \
)==: METRIC CROSS-ACCOUNT :==(
\ :_______________________________: /
\=+===============================+=/
LINKING ACCOUNTS ==> #Allowing one ACCOUNT ("monitoring") to access CloudWatch of another ACCOUNT ("sharing|source")
AWSServiceRole #SERVICE_LINKED_ROLE to create in monitoring ACCOUNT
ForCloudWatchCrossAccount #Used by CloudWatch to assume CloudWatch-CrossAccountSharingRole
#Can be done from the UI
CloudWatch-CrossAccountAccess #AWS managed POLICY used by AWSServiceRoleForCloudWatchCrossAccount
#Allows sts:AssumeRole() on CloudWatch-CrossAccountSharing* ROLEs
CloudWatch- #SERVICE_LINKED_ROLE to create in source ACCOUNT
CrossAccountSharingRole #Assumed by CloudWatch in monitoring ACCOUNT
METRIC_LIST_REQ
.IncludeLinkedAccounts #BOOL (def: false). Include METRICs from source ACCOUNTs
METRIC_STREAM
.IncludeLinkedAccountsMetrics#Same
METRIC_LIST_REQ.OwningAccount
METRIC_DATA_REQ.AccountId #ACCOUNT_ID of the source ACCOUNT
WMETRIC|WOPTS.accountId #ACCOUNT_ID of the source ACCOUNT
#Only inside DBODY
METRIC_LIST.OwningAccounts #ACCOUNT_ID_ARR of each source ACCOUNT for each METRIC
METRIC_MATH #When cross-account, cannot use: INSIGHT_RULE_METRIC|ANOMALY_DETECTION_BAND|SERVICE_QUOTA()
:aws.AccountId #Can be used as SEARCH() TYPE
# - ACCOUNT_ID when cross-account
# - value can be "LOCAL" (current ACCOUNT_ID)
${PROP('AccountId')} #Dynamic label. Source ACCOUNT_ID
${PROP('AccountLabel')} #Dynamic label. Source ACCOUNT label
PACTION cloudwatch:Link #???
COMPOSITE_ALARM #Cannot be used when cross-account
/=+===============================+=\
/ : : \
)==: LOGS CROSS-ACCOUNT :==(
\ :_______________________________: /
\=+===============================+=/
LOG_GROUP_REQ
.includeLinkedAccounts #BOOL (def: false). Include source ACCOUNTs
LOG_GROUP_REQ #ACCOUNT_ID_ARR of source ACCOUNTs (def: all). Only if includeLinkedAccounts true
.accountIdentifiers #Max 20
CloudWatchLogsCrossAccount
SharingConfiguration #AWS managed POLICY ???