Amazon CloudWatch Observability Admin Service (observabilityadmin)

2025-08-05

13 new actions, 2 new resources, 3 new conditions

Additions

    Actions
  • CreateTelemetryRule
    • Description:  Grants permission to create a new telemetry rule with the specified name for the account
    • Access:  Write
    • Resources: 

      Name: telemetry-rule

      Required: Yes

    • Conditions: 

      aws:TagKeys

      aws:RequestTag/${TagKey}
  • CreateTelemetryRuleForOrganization
    • Description:  Grants permission to create a new organization telemetry rule with the specified name for the organization
    • Access:  Write
    • Resources: 

      Name: organization-telemetry-rule

      Required: Yes

    • Conditions: 

      aws:TagKeys

      aws:RequestTag/${TagKey}
  • DeleteTelemetryRule
    • Description:  Grants permission to delete a telemetry rule with the specified name for the account
    • Access:  Write
    • Resources: 

      Name: telemetry-rule

      Required: Yes

  • DeleteTelemetryRuleForOrganization
    • Description:  Grants permission to delete an organization telemetry rule with the specified name for the organization
    • Access:  Write
    • Resources: 

      Name: organization-telemetry-rule

      Required: Yes

  • GetTelemetryRule
    • Description:  Grants permission to retrieve the specified telemetry rule for the account
    • Access:  Read
  • GetTelemetryRuleForOrganization
    • Description:  Grants permission to retrieve the specified organization telemetry rule for the organization
    • Access:  Read
  • ListTagsForResource
    • Description:  Grants permission to list the tags for the specified resource
    • Access:  List
    • Resources: 

      Name: organization-telemetry-rule

      Required: No

      Name: telemetry-rule

      Required: No

  • ListTelemetryRules
    • Description:  Grants permission to list the telemetry rules for the account
    • Access:  List
  • ListTelemetryRulesForOrganization
    • Description:  Grants permission to list the telemetry rules for the organization
    • Access:  List
  • TagResource
    • Description:  Grants permission to add or update the specified tags for the specified resource
    • Access:  Tagging
    • Resources: 

      Name: organization-telemetry-rule

      Required: No

      Name: telemetry-rule

      Required: No

    • Conditions: 

      aws:TagKeys

      aws:RequestTag/${TagKey}
  • UntagResource
    • Description:  Grants permission to remove the specified tags from the specified resource
    • Access:  Tagging
    • Resources: 

      Name: organization-telemetry-rule

      Required: No

      Name: telemetry-rule

      Required: No

    • Conditions: 

      aws:TagKeys
  • UpdateTelemetryRule
    • Description:  Grants permission to update the specified telemetry rule for the account
    • Access:  Write
    • Resources: 

      Name: telemetry-rule

      Required: Yes

  • UpdateTelemetryRuleForOrganization
    • Description:  Grants permission to retrieve the specified organization telemetry rule for the organization
    • Access:  Write
    • Resources: 

      Name: organization-telemetry-rule

      Required: Yes

    Resources
  • telemetry-rule
    • Arn:  arn:${Partition}:observabilityadmin:${Region}:${Account}:telemetry-rule:${TelemetryRuleName}
    • Conditions: 

      aws:ResourceTag/${TagKey}
  • organization-telemetry-rule
    • Arn:  arn:${Partition}:observabilityadmin:${Region}:${Account}:organization-telemetry-rule:${TelemetryRuleName}
    • Conditions: 

      aws:ResourceTag/${TagKey}
    Conditions
  • aws:RequestTag/${TagKey}
    • Description:  Filters access by the tags that are passed in the request
    • Type:  String
  • aws:ResourceTag/${TagKey}
    • Description:  Filters access by the tags associated with the resource
    • Type:  String
  • aws:TagKeys
    • Description:  Filters access by the tag keys that are passed in the request
    • Type:  ArrayOfString