Amazon CloudWatch Logs (logs)

Additions

Actions

• DeleteDataProtectionPolicy
  
  • Description:  Grants permission to delete a data protection policy attached to a log group
  • Access:  Write
  • Resources: 

    Name: log-group

    Required: Yes

• GetDataProtectionPolicy
  
  • Description:  Grants permission to retrieve a data protection policy attached to a log group
  • Access:  Read
  • Resources: 

    Name: log-group

    Required: Yes

• Link
  
  • Description:  Grants permission to share CloudWatch resources with a monitoring account
  • Access:  Write
• PutDataProtectionPolicy
  
  • Description:  Grants permission to attach a data protection policy to detect and redact sensitive information from log events
  • Access:  Write
  • Resources: 

    Name: log-group

    Required: Yes

• Unmask
  
  • Description:  Grants permission to fetch unmasked log events that have been redacted with a data protection policy
  • Access:  Read
  • Resources: 

    Name: log-group

    Required: Yes