create_aws_log_source

create_aws_log_source(**kwargs)

Adds a natively supported Amazon Web Service as an Amazon Security Lake source. Enables source types for member accounts in required Amazon Web Services Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. At least one of the three dimensions is a mandatory input to this API. However, you can supply any combination of the three dimensions to this API.

By default, a dimension refers to the entire set. When you don't provide a dimension, Security Lake assumes that the missing dimension refers to the entire set. This is overridden when you supply any one of the inputs. For instance, when you do not specify members, the API enables all Security Lake member accounts for all sources. Similarly, when you do not specify Regions, Security Lake is enabled for all the Regions where Security Lake is available as a service.

You can use this API only to enable natively supported Amazon Web Services as a source. Use CreateCustomLogSource to enable data collection from a custom source.

See also: AWS API Documentation

Request Syntax

response = client.create_aws_log_source(
    enableAllDimensions={
        'string': {
            'string': [
                'string',
            ]
        }
    },
    enableSingleDimension=[
        'string',
    ],
    enableTwoDimensions={
        'string': [
            'string',
        ]
    },
    inputOrder=[
        'REGION'|'SOURCE_TYPE'|'MEMBER',
    ]
)
Parameters
  • enableAllDimensions (dict) --

    Enables data collection from specific Amazon Web Services sources in all specific accounts and specific Regions.

    • (string) --
      • (dict) --
        • (string) --
          • (list) --
            • (string) --
  • enableSingleDimension (list) --

    Enables data collection from all Amazon Web Services sources in specific accounts or Regions.

    • (string) --
  • enableTwoDimensions (dict) --

    Enables data collection from specific Amazon Web Services sources in specific accounts or Regions.

    • (string) --
      • (list) --
        • (string) --
  • inputOrder (list) --

    [REQUIRED]

    Specifies the input order to enable dimensions in Security Lake, namely Region, source type, and member account.

    • (string) --
Return type

dict

Returns

Response Syntax

{
    'failed': [
        'string',
    ],
    'processing': [
        'string',
    ]
}

Response Structure

  • (dict) --

    • failed (list) --

      Lists all accounts in which enabling a natively supported Amazon Web Service as a Security Lake source failed. The failure occurred as these accounts are not part of an organization.

      • (string) --
    • processing (list) --

      Lists the accounts that are in the process of enabling a natively supported Amazon Web Service as a Security Lake source.

      • (string) --

Exceptions

  • SecurityLake.Client.exceptions.InternalServerException
  • SecurityLake.Client.exceptions.ValidationException
  • SecurityLake.Client.exceptions.S3Exception
  • SecurityLake.Client.exceptions.AccessDeniedException
  • SecurityLake.Client.exceptions.ResourceNotFoundException
  • SecurityLake.Client.exceptions.AccountNotFoundException