Amazon CloudWatch now supports automatic enablement of Amazon CloudFront Standard access logs, AWS Security Hub CSPM finding logs, and Amazon Bedrock AgentCore memory and gateway logs and traces to CloudWatch Logs. Customers can set up enablement rules that automatically configure telemetry for both existing and newly created resources, ensuring consistent monitoring coverage without manual setup.
Enablement rules can be scoped to the organization, specific accounts, or specific resources based on resource tags to standardize telemetry collection. For example, a central security team can create a single rule to automatically send CloudFront access logs and Security Hub findings for all resources across their organization to CloudWatch Logs.
CloudWatch’s auto-enablement capability is available in all AWS commercial regions. Log ingestion will be billed according to CloudWatch Pricing.
Amazon CloudFront access logs and AWS Security Hub CSPM findings support organization-wide enablement rules. Bedrock AgentCore memory and gateway telemetry support account-level enablement rules. To learn more about enablement rules in Amazon CloudWatch, visit the Amazon CloudWatch documentation.
Categories: marketing:marchitecture/management-and-governance,general:products/amazon-cloudwatch
Source: Amazon Web Services
Latest Posts
- (Updated) Microsoft Viva Engage: Flexible targeting of Storyline Announcements [MC1183013]
- Microsoft Viva: Agent flexible query in Analytics Workbench [MC1403410]
- Update to Microsoft Enterprise Content Delivery Network (eCDN) analytics data retention (360 days to 180 days) [MC1403404]
- Microsoft Purview compliance portal: View-only role management enhancements [MC1403403]
