Amazon CloudWatch now supports automatic enablement of Amazon CloudFront Standard access logs, AWS Security Hub CSPM finding logs, and Amazon Bedrock AgentCore memory and gateway logs and traces to CloudWatch Logs. Customers can set up enablement rules that automatically configure telemetry for both existing and newly created resources, ensuring consistent monitoring coverage without manual setup.
Enablement rules can be scoped to the organization, specific accounts, or specific resources based on resource tags to standardize telemetry collection. For example, a central security team can create a single rule to automatically send CloudFront access logs and Security Hub findings for all resources across their organization to CloudWatch Logs.
CloudWatch’s auto-enablement capability is available in all AWS commercial regions. Log ingestion will be billed according to CloudWatch Pricing.
Amazon CloudFront access logs and AWS Security Hub CSPM findings support organization-wide enablement rules. Bedrock AgentCore memory and gateway telemetry support account-level enablement rules. To learn more about enablement rules in Amazon CloudWatch, visit the Amazon CloudWatch documentation.
Categories: marketing:marchitecture/management-and-governance,general:products/amazon-cloudwatch
Source: Amazon Web Services
Latest Posts
- Amazon SageMaker HyperPod now supports on-demand deep health checks
- Amazon SageMaker Unified Studio now supports multiple code spaces within projects for IAM domains
- Amazon IVS Low-Latency Streaming now supports server-side ad insertion
- Introducing GPU Health Monitoring and Auto Repair for Amazon ECS Managed Instances
