Table of Contents
A low-level client representing Synthetics
You can use Amazon CloudWatch Synthetics to continually monitor your services. You can create and manage canaries , which are modular, lightweight scripts that monitor your endpoints and APIs from the outside-in. You can set up your canaries to run 24 hours a day, once per minute. The canaries help you check the availability and latency of your web services and troubleshoot anomalies by investigating load time data, screenshots of the UI, logs, and metrics. The canaries seamlessly integrate with CloudWatch ServiceLens to help you trace the causes of impacted nodes in your applications. For more information, see Using ServiceLens to Monitor the Health of Your Applications in the Amazon CloudWatch User Guide .
Before you create and manage canaries, be aware of the security considerations. For more information, see Security Considerations for Synthetics Canaries .
import boto3
client = boto3.client('synthetics')
These are the available methods:
Check if an operation can be paginated.
Creates a canary. Canaries are scripts that monitor your endpoints and APIs from the outside-in. Canaries help you check the availability and latency of your web services and troubleshoot anomalies by investigating load time data, screenshots of the UI, logs, and metrics. You can set up a canary to run continuously or just once.
Do not use CreateCanary to modify an existing canary. Use UpdateCanary instead.
To create canaries, you must have the CloudWatchSyntheticsFullAccess policy. If you are creating a new IAM role for the canary, you also need the the iam:CreateRole , iam:CreatePolicy and iam:AttachRolePolicy permissions. For more information, see Necessary Roles and Permissions .
Do not include secrets or proprietary information in your canary names. The canary name makes up part of the Amazon Resource Name (ARN) for the canary, and the ARN is included in outbound calls over the internet. For more information, see Security Considerations for Synthetics Canaries .
See also: AWS API Documentation
Request Syntax
response = client.create_canary(
Name='string',
Code={
'S3Bucket': 'string',
'S3Key': 'string',
'S3Version': 'string',
'ZipFile': b'bytes',
'Handler': 'string'
},
ArtifactS3Location='string',
ExecutionRoleArn='string',
Schedule={
'Expression': 'string',
'DurationInSeconds': 123
},
RunConfig={
'TimeoutInSeconds': 123,
'MemoryInMB': 123,
'ActiveTracing': True|False,
'EnvironmentVariables': {
'string': 'string'
}
},
SuccessRetentionPeriodInDays=123,
FailureRetentionPeriodInDays=123,
RuntimeVersion='string',
VpcConfig={
'SubnetIds': [
'string',
],
'SecurityGroupIds': [
'string',
]
},
Tags={
'string': 'string'
},
ArtifactConfig={
'S3Encryption': {
'EncryptionMode': 'SSE_S3'|'SSE_KMS',
'KmsKeyArn': 'string'
}
}
)
[REQUIRED]
The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.
Do not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see Security Considerations for Synthetics Canaries .
[REQUIRED]
A structure that includes the entry point from which the canary should start running your script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included.
If your canary script is located in S3, specify the bucket name here. Do not include s3:// as the start of the bucket name.
The S3 key of your script. For more information, see Working with Amazon S3 Objects .
The S3 version ID of your script.
If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the base64-encoded contents of the .zip file that contains the script. It must be smaller than 225 Kb.
For large canary scripts, we recommend that you use an S3 location instead of inputting it directly with this parameter.
The entry point to use for the source code when running the canary. For canaries that use the syn-python-selenium-1.0 runtime or a syn-nodejs.puppeteer runtime earlier than syn-nodejs.puppeteer-3.4 , the handler must be specified as `` fileName .handler`` . For syn-python-selenium-1.1 , syn-nodejs.puppeteer-3.4 , and later runtimes, the handler can be specified as `` fileName .*functionName* `` , or you can specify a folder where canary scripts reside as `` folder /fileName .*functionName* `` .
[REQUIRED]
The location in Amazon S3 where Synthetics stores artifacts from the test runs of this canary. Artifacts include the log file, screenshots, and HAR files. The name of the S3 bucket can't include a period (.).
[REQUIRED]
The ARN of the IAM role to be used to run the canary. This role must already exist, and must include lambda.amazonaws.com as a principal in the trust policy. The role must also have the following permissions:
[REQUIRED]
A structure that contains information about how often the canary is to run and when these test runs are to stop.
A rate expression or a cron expression that defines how often the canary is to run.
For a rate expression, The syntax is rate(*number unit* ) . unit can be minute , minutes , or hour .
For example, rate(1 minute) runs the canary once a minute, rate(10 minutes) runs it once every 10 minutes, and rate(1 hour) runs it once every hour. You can specify a frequency between rate(1 minute) and rate(1 hour) .
Specifying rate(0 minute) or rate(0 hour) is a special value that causes the canary to run only once when it is started.
Use cron(*expression* ) to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see Scheduling canary runs using cron .
How long, in seconds, for the canary to continue making regular runs according to the schedule in the Expression value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.
A structure that contains the configuration for individual canary runs, such as timeout value.
How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.
If you omit this field, the frequency of the canary is used as this value, up to a maximum of 14 minutes.
The maximum amount of memory available to the canary while it is running, in MB. This value must be a multiple of 64.
Specifies whether this canary is to use active X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see Canaries and X-Ray tracing .
You can enable active tracing only for canaries that use version syn-nodejs-2.0 or later for their canary runtime.
Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:
{ "key1" : "value1", "key2" : "value2", ...}
Keys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see Runtime environment variables .
[REQUIRED]
Specifies the runtime version to use for the canary. For a list of valid runtime versions and more information about runtime versions, see Canary Runtime Versions .
If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see Running a Canary in a VPC .
The IDs of the subnets where this canary is to run.
The IDs of the security groups for this canary.
A list of key-value pairs to associate with the canary. You can associate as many as 50 tags with a canary.
Tags can help you organize and categorize your resources. You can also use them to scope user permissions, by granting a user permission to access or change only the resources that have certain tag values.
A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.
A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3. Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see Encrypting canary artifacts
The encryption method to use for artifacts created by this canary. Specify SSE_S3 to use server-side encryption (SSE) with an Amazon S3-managed key. Specify SSE-KMS to use server-side encryption with a customer-managed KMS key.
If you omit this parameter, an Amazon Web Services-managed KMS key is used.
The ARN of the customer-managed KMS key to use, if you specify SSE-KMS for EncryptionMode
dict
Response Syntax
{
'Canary': {
'Id': 'string',
'Name': 'string',
'Code': {
'SourceLocationArn': 'string',
'Handler': 'string'
},
'ExecutionRoleArn': 'string',
'Schedule': {
'Expression': 'string',
'DurationInSeconds': 123
},
'RunConfig': {
'TimeoutInSeconds': 123,
'MemoryInMB': 123,
'ActiveTracing': True|False
},
'SuccessRetentionPeriodInDays': 123,
'FailureRetentionPeriodInDays': 123,
'Status': {
'State': 'CREATING'|'READY'|'STARTING'|'RUNNING'|'UPDATING'|'STOPPING'|'STOPPED'|'ERROR'|'DELETING',
'StateReason': 'string',
'StateReasonCode': 'INVALID_PERMISSIONS'|'CREATE_PENDING'|'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'UPDATE_PENDING'|'UPDATE_IN_PROGRESS'|'UPDATE_COMPLETE'|'ROLLBACK_COMPLETE'|'ROLLBACK_FAILED'|'DELETE_IN_PROGRESS'|'DELETE_FAILED'|'SYNC_DELETE_IN_PROGRESS'
},
'Timeline': {
'Created': datetime(2015, 1, 1),
'LastModified': datetime(2015, 1, 1),
'LastStarted': datetime(2015, 1, 1),
'LastStopped': datetime(2015, 1, 1)
},
'ArtifactS3Location': 'string',
'EngineArn': 'string',
'RuntimeVersion': 'string',
'VpcConfig': {
'VpcId': 'string',
'SubnetIds': [
'string',
],
'SecurityGroupIds': [
'string',
]
},
'VisualReference': {
'BaseScreenshots': [
{
'ScreenshotName': 'string',
'IgnoreCoordinates': [
'string',
]
},
],
'BaseCanaryRunId': 'string'
},
'Tags': {
'string': 'string'
},
'ArtifactConfig': {
'S3Encryption': {
'EncryptionMode': 'SSE_S3'|'SSE_KMS',
'KmsKeyArn': 'string'
}
}
}
}
Response Structure
(dict) --
Canary (dict) --
The full details about the canary you have created.
Id (string) --
The unique ID of this canary.
Name (string) --
The name of the canary.
Code (dict) --
This structure contains information about the canary's Lambda handler and where its code is stored by CloudWatch Synthetics.
SourceLocationArn (string) --
The ARN of the Lambda layer where Synthetics stores the canary script code.
Handler (string) --
The entry point to use for the source code when running the canary.
ExecutionRoleArn (string) --
The ARN of the IAM role used to run the canary. This role must include lambda.amazonaws.com as a principal in the trust policy.
Schedule (dict) --
A structure that contains information about how often the canary is to run, and when these runs are to stop.
Expression (string) --
A rate expression or a cron expression that defines how often the canary is to run.
For a rate expression, The syntax is rate(*number unit* ) . unit can be minute , minutes , or hour .
For example, rate(1 minute) runs the canary once a minute, rate(10 minutes) runs it once every 10 minutes, and rate(1 hour) runs it once every hour. You can specify a frequency between rate(1 minute) and rate(1 hour) .
Specifying rate(0 minute) or rate(0 hour) is a special value that causes the canary to run only once when it is started.
Use cron(*expression* ) to specify a cron expression. For information about the syntax for cron expressions, see Scheduling canary runs using cron .
DurationInSeconds (integer) --
How long, in seconds, for the canary to continue making regular runs after it was created. The runs are performed according to the schedule in the Expression value.
RunConfig (dict) --
A structure that contains information about a canary run.
TimeoutInSeconds (integer) --
How long the canary is allowed to run before it must stop.
MemoryInMB (integer) --
The maximum amount of memory available to the canary while it is running, in MB. This value must be a multiple of 64.
ActiveTracing (boolean) --
Displays whether this canary run used active X-Ray tracing.
SuccessRetentionPeriodInDays (integer) --
The number of days to retain data about successful runs of this canary.
FailureRetentionPeriodInDays (integer) --
The number of days to retain data about failed runs of this canary.
Status (dict) --
A structure that contains information about the canary's status.
State (string) --
The current state of the canary.
StateReason (string) --
If the canary has insufficient permissions to run, this field provides more details.
StateReasonCode (string) --
If the canary cannot run or has failed, this field displays the reason.
Timeline (dict) --
A structure that contains information about when the canary was created, modified, and most recently run.
Created (datetime) --
The date and time the canary was created.
LastModified (datetime) --
The date and time the canary was most recently modified.
LastStarted (datetime) --
The date and time that the canary's most recent run started.
LastStopped (datetime) --
The date and time that the canary's most recent run ended.
ArtifactS3Location (string) --
The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files.
EngineArn (string) --
The ARN of the Lambda function that is used as your canary's engine. For more information about Lambda ARN format, see Resources and Conditions for Lambda Actions .
RuntimeVersion (string) --
Specifies the runtime version to use for the canary. For more information about runtime versions, see Canary Runtime Versions .
VpcConfig (dict) --
If this canary is to test an endpoint in a VPC, this structure contains information about the subnets and security groups of the VPC endpoint. For more information, see Running a Canary in a VPC .
VpcId (string) --
The IDs of the VPC where this canary is to run.
SubnetIds (list) --
The IDs of the subnets where this canary is to run.
SecurityGroupIds (list) --
The IDs of the security groups for this canary.
VisualReference (dict) --
If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.
BaseScreenshots (list) --
An array of screenshots that are used as the baseline for comparisons during visual monitoring.
(dict) --
A structure representing a screenshot that is used as a baseline during visual monitoring comparisons made by the canary.
ScreenshotName (string) --
The name of the screenshot. This is generated the first time the canary is run after the UpdateCanary operation that specified for this canary to perform visual monitoring.
IgnoreCoordinates (list) --
Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch Logs console to draw the boundaries on the screen. For more information, see {LINK}
BaseCanaryRunId (string) --
The ID of the canary run that produced the screenshots that are used as the baseline for visual monitoring comparisons during future runs of this canary.
Tags (dict) --
The list of key-value pairs that are associated with the canary.
ArtifactConfig (dict) --
A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.
S3Encryption (dict) --
A structure that contains the configuration of encryption settings for canary artifacts that are stored in Amazon S3.
EncryptionMode (string) --
The encryption method to use for artifacts created by this canary. Specify SSE_S3 to use server-side encryption (SSE) with an Amazon S3-managed key. Specify SSE-KMS to use server-side encryption with a customer-managed KMS key.
If you omit this parameter, an Amazon Web Services-managed KMS key is used.
KmsKeyArn (string) --
The ARN of the customer-managed KMS key to use, if you specify SSE-KMS for EncryptionMode
Exceptions
Permanently deletes the specified canary.
If you specify DeleteLambda to true , CloudWatch Synthetics also deletes the Lambda functions and layers that are used by the canary.
Other esources used and created by the canary are not automatically deleted. After you delete a canary that you do not intend to use again, you should also delete the following:
Before you delete a canary, you might want to use GetCanary to display the information about this canary. Make note of the information returned by this operation so that you can delete these resources after you delete the canary.
See also: AWS API Documentation
Request Syntax
response = client.delete_canary(
Name='string',
DeleteLambda=True|False
)
[REQUIRED]
The name of the canary that you want to delete. To find the names of your canaries, use DescribeCanaries .
Specifies whether to also delete the Lambda functions and layers used by this canary. The default is false.
Type: Boolean
dict
Response Syntax
{}
Response Structure
Exceptions
This operation returns a list of the canaries in your account, along with full details about each canary.
This operation supports resource-level authorization using an IAM policy and the Names parameter. If you specify the Names parameter, the operation is successful only if you have authorization to view all the canaries that you specify in your request. If you do not have permission to view any of the canaries, the request fails with a 403 response.
You are required to use the Names parameter if you are logged on to a user or role that has an IAM policy that restricts which canaries that you are allowed to view. For more information, see Limiting a user to viewing specific canaries .
See also: AWS API Documentation
Request Syntax
response = client.describe_canaries(
NextToken='string',
MaxResults=123,
Names=[
'string',
]
)
Use this parameter to return only canaries that match the names that you specify here. You can specify as many as five canary names.
If you specify this parameter, the operation is successful only if you have authorization to view all the canaries that you specify in your request. If you do not have permission to view any of the canaries, the request fails with a 403 response.
You are required to use this parameter if you are logged on to a user or role that has an IAM policy that restricts which canaries that you are allowed to view. For more information, see Limiting a user to viewing specific canaries .
dict
Response Syntax
{
'Canaries': [
{
'Id': 'string',
'Name': 'string',
'Code': {
'SourceLocationArn': 'string',
'Handler': 'string'
},
'ExecutionRoleArn': 'string',
'Schedule': {
'Expression': 'string',
'DurationInSeconds': 123
},
'RunConfig': {
'TimeoutInSeconds': 123,
'MemoryInMB': 123,
'ActiveTracing': True|False
},
'SuccessRetentionPeriodInDays': 123,
'FailureRetentionPeriodInDays': 123,
'Status': {
'State': 'CREATING'|'READY'|'STARTING'|'RUNNING'|'UPDATING'|'STOPPING'|'STOPPED'|'ERROR'|'DELETING',
'StateReason': 'string',
'StateReasonCode': 'INVALID_PERMISSIONS'|'CREATE_PENDING'|'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'UPDATE_PENDING'|'UPDATE_IN_PROGRESS'|'UPDATE_COMPLETE'|'ROLLBACK_COMPLETE'|'ROLLBACK_FAILED'|'DELETE_IN_PROGRESS'|'DELETE_FAILED'|'SYNC_DELETE_IN_PROGRESS'
},
'Timeline': {
'Created': datetime(2015, 1, 1),
'LastModified': datetime(2015, 1, 1),
'LastStarted': datetime(2015, 1, 1),
'LastStopped': datetime(2015, 1, 1)
},
'ArtifactS3Location': 'string',
'EngineArn': 'string',
'RuntimeVersion': 'string',
'VpcConfig': {
'VpcId': 'string',
'SubnetIds': [
'string',
],
'SecurityGroupIds': [
'string',
]
},
'VisualReference': {
'BaseScreenshots': [
{
'ScreenshotName': 'string',
'IgnoreCoordinates': [
'string',
]
},
],
'BaseCanaryRunId': 'string'
},
'Tags': {
'string': 'string'
},
'ArtifactConfig': {
'S3Encryption': {
'EncryptionMode': 'SSE_S3'|'SSE_KMS',
'KmsKeyArn': 'string'
}
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Canaries (list) --
Returns an array. Each item in the array contains the full information about one canary.
(dict) --
This structure contains all information about one canary in your account.
Id (string) --
The unique ID of this canary.
Name (string) --
The name of the canary.
Code (dict) --
This structure contains information about the canary's Lambda handler and where its code is stored by CloudWatch Synthetics.
SourceLocationArn (string) --
The ARN of the Lambda layer where Synthetics stores the canary script code.
Handler (string) --
The entry point to use for the source code when running the canary.
ExecutionRoleArn (string) --
The ARN of the IAM role used to run the canary. This role must include lambda.amazonaws.com as a principal in the trust policy.
Schedule (dict) --
A structure that contains information about how often the canary is to run, and when these runs are to stop.
Expression (string) --
A rate expression or a cron expression that defines how often the canary is to run.
For a rate expression, The syntax is rate(*number unit* ) . unit can be minute , minutes , or hour .
For example, rate(1 minute) runs the canary once a minute, rate(10 minutes) runs it once every 10 minutes, and rate(1 hour) runs it once every hour. You can specify a frequency between rate(1 minute) and rate(1 hour) .
Specifying rate(0 minute) or rate(0 hour) is a special value that causes the canary to run only once when it is started.
Use cron(*expression* ) to specify a cron expression. For information about the syntax for cron expressions, see Scheduling canary runs using cron .
DurationInSeconds (integer) --
How long, in seconds, for the canary to continue making regular runs after it was created. The runs are performed according to the schedule in the Expression value.
RunConfig (dict) --
A structure that contains information about a canary run.
TimeoutInSeconds (integer) --
How long the canary is allowed to run before it must stop.
MemoryInMB (integer) --
The maximum amount of memory available to the canary while it is running, in MB. This value must be a multiple of 64.
ActiveTracing (boolean) --
Displays whether this canary run used active X-Ray tracing.
SuccessRetentionPeriodInDays (integer) --
The number of days to retain data about successful runs of this canary.
FailureRetentionPeriodInDays (integer) --
The number of days to retain data about failed runs of this canary.
Status (dict) --
A structure that contains information about the canary's status.
State (string) --
The current state of the canary.
StateReason (string) --
If the canary has insufficient permissions to run, this field provides more details.
StateReasonCode (string) --
If the canary cannot run or has failed, this field displays the reason.
Timeline (dict) --
A structure that contains information about when the canary was created, modified, and most recently run.
Created (datetime) --
The date and time the canary was created.
LastModified (datetime) --
The date and time the canary was most recently modified.
LastStarted (datetime) --
The date and time that the canary's most recent run started.
LastStopped (datetime) --
The date and time that the canary's most recent run ended.
ArtifactS3Location (string) --
The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files.
EngineArn (string) --
The ARN of the Lambda function that is used as your canary's engine. For more information about Lambda ARN format, see Resources and Conditions for Lambda Actions .
RuntimeVersion (string) --
Specifies the runtime version to use for the canary. For more information about runtime versions, see Canary Runtime Versions .
VpcConfig (dict) --
If this canary is to test an endpoint in a VPC, this structure contains information about the subnets and security groups of the VPC endpoint. For more information, see Running a Canary in a VPC .
VpcId (string) --
The IDs of the VPC where this canary is to run.
SubnetIds (list) --
The IDs of the subnets where this canary is to run.
SecurityGroupIds (list) --
The IDs of the security groups for this canary.
VisualReference (dict) --
If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.
BaseScreenshots (list) --
An array of screenshots that are used as the baseline for comparisons during visual monitoring.
(dict) --
A structure representing a screenshot that is used as a baseline during visual monitoring comparisons made by the canary.
ScreenshotName (string) --
The name of the screenshot. This is generated the first time the canary is run after the UpdateCanary operation that specified for this canary to perform visual monitoring.
IgnoreCoordinates (list) --
Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch Logs console to draw the boundaries on the screen. For more information, see {LINK}
BaseCanaryRunId (string) --
The ID of the canary run that produced the screenshots that are used as the baseline for visual monitoring comparisons during future runs of this canary.
Tags (dict) --
The list of key-value pairs that are associated with the canary.
ArtifactConfig (dict) --
A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.
S3Encryption (dict) --
A structure that contains the configuration of encryption settings for canary artifacts that are stored in Amazon S3.
EncryptionMode (string) --
The encryption method to use for artifacts created by this canary. Specify SSE_S3 to use server-side encryption (SSE) with an Amazon S3-managed key. Specify SSE-KMS to use server-side encryption with a customer-managed KMS key.
If you omit this parameter, an Amazon Web Services-managed KMS key is used.
KmsKeyArn (string) --
The ARN of the customer-managed KMS key to use, if you specify SSE-KMS for EncryptionMode
NextToken (string) --
A token that indicates that there is more data available. You can use this token in a subsequent DescribeCanaries operation to retrieve the next set of results.
Exceptions
Use this operation to see information from the most recent run of each canary that you have created.
This operation supports resource-level authorization using an IAM policy and the Names parameter. If you specify the Names parameter, the operation is successful only if you have authorization to view all the canaries that you specify in your request. If you do not have permission to view any of the canaries, the request fails with a 403 response.
You are required to use the Names parameter if you are logged on to a user or role that has an IAM policy that restricts which canaries that you are allowed to view. For more information, see Limiting a user to viewing specific canaries .
See also: AWS API Documentation
Request Syntax
response = client.describe_canaries_last_run(
NextToken='string',
MaxResults=123,
Names=[
'string',
]
)
Use this parameter to return only canaries that match the names that you specify here. You can specify as many as five canary names.
If you specify this parameter, the operation is successful only if you have authorization to view all the canaries that you specify in your request. If you do not have permission to view any of the canaries, the request fails with a 403 response.
You are required to use the Names parameter if you are logged on to a user or role that has an IAM policy that restricts which canaries that you are allowed to view. For more information, see Limiting a user to viewing specific canaries .
dict
Response Syntax
{
'CanariesLastRun': [
{
'CanaryName': 'string',
'LastRun': {
'Id': 'string',
'Name': 'string',
'Status': {
'State': 'RUNNING'|'PASSED'|'FAILED',
'StateReason': 'string',
'StateReasonCode': 'CANARY_FAILURE'|'EXECUTION_FAILURE'
},
'Timeline': {
'Started': datetime(2015, 1, 1),
'Completed': datetime(2015, 1, 1)
},
'ArtifactS3Location': 'string'
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
CanariesLastRun (list) --
An array that contains the information from the most recent run of each canary.
(dict) --
This structure contains information about the most recent run of a single canary.
CanaryName (string) --
The name of the canary.
LastRun (dict) --
The results from this canary's most recent run.
Id (string) --
A unique ID that identifies this canary run.
Name (string) --
The name of the canary.
Status (dict) --
The status of this run.
State (string) --
The current state of the run.
StateReason (string) --
If run of the canary failed, this field contains the reason for the error.
StateReasonCode (string) --
If this value is CANARY_FAILURE , an exception occurred in the canary code. If this value is EXECUTION_FAILURE , an exception occurred in CloudWatch Synthetics.
Timeline (dict) --
A structure that contains the start and end times of this run.
Started (datetime) --
The start time of the run.
Completed (datetime) --
The end time of the run.
ArtifactS3Location (string) --
The location where the canary stored artifacts from the run. Artifacts include the log file, screenshots, and HAR files.
NextToken (string) --
A token that indicates that there is more data available. You can use this token in a subsequent DescribeCanariesLastRun operation to retrieve the next set of results.
Exceptions
Returns a list of Synthetics canary runtime versions. For more information, see Canary Runtime Versions .
See also: AWS API Documentation
Request Syntax
response = client.describe_runtime_versions(
NextToken='string',
MaxResults=123
)
dict
Response Syntax
{
'RuntimeVersions': [
{
'VersionName': 'string',
'Description': 'string',
'ReleaseDate': datetime(2015, 1, 1),
'DeprecationDate': datetime(2015, 1, 1)
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
RuntimeVersions (list) --
An array of objects that display the details about each Synthetics canary runtime version.
(dict) --
This structure contains information about one canary runtime version. For more information about runtime versions, see Canary Runtime Versions .
VersionName (string) --
The name of the runtime version. For a list of valid runtime versions, see Canary Runtime Versions .
Description (string) --
A description of the runtime version, created by Amazon.
ReleaseDate (datetime) --
The date that the runtime version was released.
DeprecationDate (datetime) --
If this runtime version is deprecated, this value is the date of deprecation.
NextToken (string) --
A token that indicates that there is more data available. You can use this token in a subsequent DescribeRuntimeVersions operation to retrieve the next set of results.
Exceptions
Retrieves complete information about one canary. You must specify the name of the canary that you want. To get a list of canaries and their names, use DescribeCanaries .
See also: AWS API Documentation
Request Syntax
response = client.get_canary(
Name='string'
)
[REQUIRED]
The name of the canary that you want details for.
{
'Canary': {
'Id': 'string',
'Name': 'string',
'Code': {
'SourceLocationArn': 'string',
'Handler': 'string'
},
'ExecutionRoleArn': 'string',
'Schedule': {
'Expression': 'string',
'DurationInSeconds': 123
},
'RunConfig': {
'TimeoutInSeconds': 123,
'MemoryInMB': 123,
'ActiveTracing': True|False
},
'SuccessRetentionPeriodInDays': 123,
'FailureRetentionPeriodInDays': 123,
'Status': {
'State': 'CREATING'|'READY'|'STARTING'|'RUNNING'|'UPDATING'|'STOPPING'|'STOPPED'|'ERROR'|'DELETING',
'StateReason': 'string',
'StateReasonCode': 'INVALID_PERMISSIONS'|'CREATE_PENDING'|'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'UPDATE_PENDING'|'UPDATE_IN_PROGRESS'|'UPDATE_COMPLETE'|'ROLLBACK_COMPLETE'|'ROLLBACK_FAILED'|'DELETE_IN_PROGRESS'|'DELETE_FAILED'|'SYNC_DELETE_IN_PROGRESS'
},
'Timeline': {
'Created': datetime(2015, 1, 1),
'LastModified': datetime(2015, 1, 1),
'LastStarted': datetime(2015, 1, 1),
'LastStopped': datetime(2015, 1, 1)
},
'ArtifactS3Location': 'string',
'EngineArn': 'string',
'RuntimeVersion': 'string',
'VpcConfig': {
'VpcId': 'string',
'SubnetIds': [
'string',
],
'SecurityGroupIds': [
'string',
]
},
'VisualReference': {
'BaseScreenshots': [
{
'ScreenshotName': 'string',
'IgnoreCoordinates': [
'string',
]
},
],
'BaseCanaryRunId': 'string'
},
'Tags': {
'string': 'string'
},
'ArtifactConfig': {
'S3Encryption': {
'EncryptionMode': 'SSE_S3'|'SSE_KMS',
'KmsKeyArn': 'string'
}
}
}
}
Response Structure
A strucure that contains the full information about the canary.
The unique ID of this canary.
The name of the canary.
This structure contains information about the canary's Lambda handler and where its code is stored by CloudWatch Synthetics.
The ARN of the Lambda layer where Synthetics stores the canary script code.
The entry point to use for the source code when running the canary.
The ARN of the IAM role used to run the canary. This role must include lambda.amazonaws.com as a principal in the trust policy.
A structure that contains information about how often the canary is to run, and when these runs are to stop.
A rate expression or a cron expression that defines how often the canary is to run.
For a rate expression, The syntax is rate(*number unit* ) . unit can be minute , minutes , or hour .
For example, rate(1 minute) runs the canary once a minute, rate(10 minutes) runs it once every 10 minutes, and rate(1 hour) runs it once every hour. You can specify a frequency between rate(1 minute) and rate(1 hour) .
Specifying rate(0 minute) or rate(0 hour) is a special value that causes the canary to run only once when it is started.
Use cron(*expression* ) to specify a cron expression. For information about the syntax for cron expressions, see Scheduling canary runs using cron .
How long, in seconds, for the canary to continue making regular runs after it was created. The runs are performed according to the schedule in the Expression value.
A structure that contains information about a canary run.
How long the canary is allowed to run before it must stop.
The maximum amount of memory available to the canary while it is running, in MB. This value must be a multiple of 64.
Displays whether this canary run used active X-Ray tracing.
The number of days to retain data about successful runs of this canary.
The number of days to retain data about failed runs of this canary.
A structure that contains information about the canary's status.
The current state of the canary.
If the canary has insufficient permissions to run, this field provides more details.
If the canary cannot run or has failed, this field displays the reason.
A structure that contains information about when the canary was created, modified, and most recently run.
The date and time the canary was created.
The date and time the canary was most recently modified.
The date and time that the canary's most recent run started.
The date and time that the canary's most recent run ended.
The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files.
The ARN of the Lambda function that is used as your canary's engine. For more information about Lambda ARN format, see Resources and Conditions for Lambda Actions .
Specifies the runtime version to use for the canary. For more information about runtime versions, see Canary Runtime Versions .
If this canary is to test an endpoint in a VPC, this structure contains information about the subnets and security groups of the VPC endpoint. For more information, see Running a Canary in a VPC .
The IDs of the VPC where this canary is to run.
The IDs of the subnets where this canary is to run.
The IDs of the security groups for this canary.
If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.
An array of screenshots that are used as the baseline for comparisons during visual monitoring.
A structure representing a screenshot that is used as a baseline during visual monitoring comparisons made by the canary.
The name of the screenshot. This is generated the first time the canary is run after the UpdateCanary operation that specified for this canary to perform visual monitoring.
Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch Logs console to draw the boundaries on the screen. For more information, see {LINK}
The ID of the canary run that produced the screenshots that are used as the baseline for visual monitoring comparisons during future runs of this canary.
The list of key-value pairs that are associated with the canary.
A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.
A structure that contains the configuration of encryption settings for canary artifacts that are stored in Amazon S3.
The encryption method to use for artifacts created by this canary. Specify SSE_S3 to use server-side encryption (SSE) with an Amazon S3-managed key. Specify SSE-KMS to use server-side encryption with a customer-managed KMS key.
If you omit this parameter, an Amazon Web Services-managed KMS key is used.
The ARN of the customer-managed KMS key to use, if you specify SSE-KMS for EncryptionMode
Exceptions
Retrieves a list of runs for a specified canary.
See also: AWS API Documentation
Request Syntax
response = client.get_canary_runs(
Name='string',
NextToken='string',
MaxResults=123
)
[REQUIRED]
The name of the canary that you want to see runs for.
dict
Response Syntax
{
'CanaryRuns': [
{
'Id': 'string',
'Name': 'string',
'Status': {
'State': 'RUNNING'|'PASSED'|'FAILED',
'StateReason': 'string',
'StateReasonCode': 'CANARY_FAILURE'|'EXECUTION_FAILURE'
},
'Timeline': {
'Started': datetime(2015, 1, 1),
'Completed': datetime(2015, 1, 1)
},
'ArtifactS3Location': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
CanaryRuns (list) --
An array of structures. Each structure contains the details of one of the retrieved canary runs.
(dict) --
This structure contains the details about one run of one canary.
Id (string) --
A unique ID that identifies this canary run.
Name (string) --
The name of the canary.
Status (dict) --
The status of this run.
State (string) --
The current state of the run.
StateReason (string) --
If run of the canary failed, this field contains the reason for the error.
StateReasonCode (string) --
If this value is CANARY_FAILURE , an exception occurred in the canary code. If this value is EXECUTION_FAILURE , an exception occurred in CloudWatch Synthetics.
Timeline (dict) --
A structure that contains the start and end times of this run.
Started (datetime) --
The start time of the run.
Completed (datetime) --
The end time of the run.
ArtifactS3Location (string) --
The location where the canary stored artifacts from the run. Artifacts include the log file, screenshots, and HAR files.
NextToken (string) --
A token that indicates that there is more data available. You can use this token in a subsequent GetCanaryRuns operation to retrieve the next set of results.
Exceptions
Create a paginator for an operation.
Returns an object that can wait for some condition.
Displays the tags associated with a canary.
See also: AWS API Documentation
Request Syntax
response = client.list_tags_for_resource(
ResourceArn='string'
)
[REQUIRED]
The ARN of the canary that you want to view tags for.
The ARN format of a canary is ``arn:aws:synthetics:Region :account-id :canary:canary-name `` .
{
'Tags': {
'string': 'string'
}
}
Response Structure
The list of tag keys and values associated with the canary that you specified.
Exceptions
Use this operation to run a canary that has already been created. The frequency of the canary runs is determined by the value of the canary's Schedule . To see a canary's schedule, use GetCanary .
See also: AWS API Documentation
Request Syntax
response = client.start_canary(
Name='string'
)
[REQUIRED]
The name of the canary that you want to run. To find canary names, use DescribeCanaries .
{}
Response Structure
Exceptions
Stops the canary to prevent all future runs. If the canary is currently running, Synthetics stops waiting for the current run of the specified canary to complete. The run that is in progress completes on its own, publishes metrics, and uploads artifacts, but it is not recorded in Synthetics as a completed run.
You can use StartCanary to start it running again with the canary’s current schedule at any point in the future.
See also: AWS API Documentation
Request Syntax
response = client.stop_canary(
Name='string'
)
[REQUIRED]
The name of the canary that you want to stop. To find the names of your canaries, use DescribeCanaries .
{}
Response Structure
Exceptions
Assigns one or more tags (key-value pairs) to the specified canary.
Tags can help you organize and categorize your resources. You can also use them to scope user permissions, by granting a user permission to access or change only resources with certain tag values.
Tags don't have any semantic meaning to Amazon Web Services and are interpreted strictly as strings of characters.
You can use the TagResource action with a canary that already has tags. If you specify a new tag key for the alarm, this tag is appended to the list of tags associated with the alarm. If you specify a tag key that is already associated with the alarm, the new tag value that you specify replaces the previous value for that tag.
You can associate as many as 50 tags with a canary.
See also: AWS API Documentation
Request Syntax
response = client.tag_resource(
ResourceArn='string',
Tags={
'string': 'string'
}
)
[REQUIRED]
The ARN of the canary that you're adding tags to.
The ARN format of a canary is ``arn:aws:synthetics:Region :account-id :canary:canary-name `` .
[REQUIRED]
The list of key-value pairs to associate with the canary.
dict
Response Syntax
{}
Response Structure
Exceptions
Removes one or more tags from the specified canary.
See also: AWS API Documentation
Request Syntax
response = client.untag_resource(
ResourceArn='string',
TagKeys=[
'string',
]
)
[REQUIRED]
The ARN of the canary that you're removing tags from.
The ARN format of a canary is ``arn:aws:synthetics:Region :account-id :canary:canary-name `` .
[REQUIRED]
The list of tag keys to remove from the resource.
dict
Response Syntax
{}
Response Structure
Exceptions
Use this operation to change the settings of a canary that has already been created.
You can't use this operation to update the tags of an existing canary. To change the tags of an existing canary, use TagResource .
See also: AWS API Documentation
Request Syntax
response = client.update_canary(
Name='string',
Code={
'S3Bucket': 'string',
'S3Key': 'string',
'S3Version': 'string',
'ZipFile': b'bytes',
'Handler': 'string'
},
ExecutionRoleArn='string',
RuntimeVersion='string',
Schedule={
'Expression': 'string',
'DurationInSeconds': 123
},
RunConfig={
'TimeoutInSeconds': 123,
'MemoryInMB': 123,
'ActiveTracing': True|False,
'EnvironmentVariables': {
'string': 'string'
}
},
SuccessRetentionPeriodInDays=123,
FailureRetentionPeriodInDays=123,
VpcConfig={
'SubnetIds': [
'string',
],
'SecurityGroupIds': [
'string',
]
},
VisualReference={
'BaseScreenshots': [
{
'ScreenshotName': 'string',
'IgnoreCoordinates': [
'string',
]
},
],
'BaseCanaryRunId': 'string'
},
ArtifactS3Location='string',
ArtifactConfig={
'S3Encryption': {
'EncryptionMode': 'SSE_S3'|'SSE_KMS',
'KmsKeyArn': 'string'
}
}
)
[REQUIRED]
The name of the canary that you want to update. To find the names of your canaries, use DescribeCanaries .
You cannot change the name of a canary that has already been created.
A structure that includes the entry point from which the canary should start running your script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included.
If your canary script is located in S3, specify the bucket name here. Do not include s3:// as the start of the bucket name.
The S3 key of your script. For more information, see Working with Amazon S3 Objects .
The S3 version ID of your script.
If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the base64-encoded contents of the .zip file that contains the script. It must be smaller than 225 Kb.
For large canary scripts, we recommend that you use an S3 location instead of inputting it directly with this parameter.
The entry point to use for the source code when running the canary. For canaries that use the syn-python-selenium-1.0 runtime or a syn-nodejs.puppeteer runtime earlier than syn-nodejs.puppeteer-3.4 , the handler must be specified as `` fileName .handler`` . For syn-python-selenium-1.1 , syn-nodejs.puppeteer-3.4 , and later runtimes, the handler can be specified as `` fileName .*functionName* `` , or you can specify a folder where canary scripts reside as `` folder /fileName .*functionName* `` .
The ARN of the IAM role to be used to run the canary. This role must already exist, and must include lambda.amazonaws.com as a principal in the trust policy. The role must also have the following permissions:
A structure that contains information about how often the canary is to run, and when these runs are to stop.
A rate expression or a cron expression that defines how often the canary is to run.
For a rate expression, The syntax is rate(*number unit* ) . unit can be minute , minutes , or hour .
For example, rate(1 minute) runs the canary once a minute, rate(10 minutes) runs it once every 10 minutes, and rate(1 hour) runs it once every hour. You can specify a frequency between rate(1 minute) and rate(1 hour) .
Specifying rate(0 minute) or rate(0 hour) is a special value that causes the canary to run only once when it is started.
Use cron(*expression* ) to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see Scheduling canary runs using cron .
How long, in seconds, for the canary to continue making regular runs according to the schedule in the Expression value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.
A structure that contains the timeout value that is used for each individual run of the canary.
How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.
If you omit this field, the frequency of the canary is used as this value, up to a maximum of 14 minutes.
The maximum amount of memory available to the canary while it is running, in MB. This value must be a multiple of 64.
Specifies whether this canary is to use active X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see Canaries and X-Ray tracing .
You can enable active tracing only for canaries that use version syn-nodejs-2.0 or later for their canary runtime.
Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:
{ "key1" : "value1", "key2" : "value2", ...}
Keys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see Runtime environment variables .
If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see Running a Canary in a VPC .
The IDs of the subnets where this canary is to run.
The IDs of the security groups for this canary.
Defines the screenshots to use as the baseline for comparisons during visual monitoring comparisons during future runs of this canary. If you omit this parameter, no changes are made to any baseline screenshots that the canary might be using already.
Visual monitoring is supported only on canaries running the syn-puppeteer-node-3.2 runtime or later. For more information, see Visual monitoring and Visual monitoring blueprint
An array of screenshots that will be used as the baseline for visual monitoring in future runs of this canary. If there is a screenshot that you don't want to be used for visual monitoring, remove it from this array.
A structure representing a screenshot that is used as a baseline during visual monitoring comparisons made by the canary.
The name of the screenshot. This is generated the first time the canary is run after the UpdateCanary operation that specified for this canary to perform visual monitoring.
Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch Logs console to draw the boundaries on the screen. For more information, see {LINK}
Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are nextrun to use the screenshots from the next run after this update is made, lastrun to use the screenshots from the most recent run before this update was made, or the value of Id in the CanaryRun from any past run of this canary.
A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.
A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3. Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see Encrypting canary artifacts
The encryption method to use for artifacts created by this canary. Specify SSE_S3 to use server-side encryption (SSE) with an Amazon S3-managed key. Specify SSE-KMS to use server-side encryption with a customer-managed KMS key.
If you omit this parameter, an Amazon Web Services-managed KMS key is used.
The ARN of the customer-managed KMS key to use, if you specify SSE-KMS for EncryptionMode
dict
Response Syntax
{}
Response Structure
Exceptions
The available paginators are: