SecurityLake / Client / create_aws_log_source

create_aws_log_source#

SecurityLake.Client.create_aws_log_source(**kwargs)#

Adds a natively supported Amazon Web Services service as an Amazon Security Lake source. Enables source types for member accounts in required Amazon Web Services Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an Amazon Web Services service as a source, Security Lake starts collecting logs and events from it.

You can use this API only to enable natively supported Amazon Web Services services as a source. Use CreateCustomLogSource to enable data collection from a custom source.

See also: AWS API Documentation

Request Syntax

response = client.create_aws_log_source(
    sources=[
        {
            'accounts': [
                'string',
            ],
            'regions': [
                'string',
            ],
            'sourceName': 'ROUTE53'|'VPC_FLOW'|'SH_FINDINGS'|'CLOUD_TRAIL_MGMT'|'LAMBDA_EXECUTION'|'S3_DATA'|'EKS_AUDIT'|'WAF',
            'sourceVersion': 'string'
        },
    ]
)
Parameters:

sources (list) –

[REQUIRED]

Specify the natively-supported Amazon Web Services service to add as a source in Security Lake.

  • (dict) –

    To add a natively-supported Amazon Web Services service as a log source, use these parameters to specify the configuration settings for the log source.

    • accounts (list) –

      Specify the Amazon Web Services account information where you want to enable Security Lake.

      • (string) –

    • regions (list) – [REQUIRED]

      Specify the Regions where you want to enable Security Lake.

      • (string) –

    • sourceName (string) – [REQUIRED]

      The name for a Amazon Web Services source.

    • sourceVersion (string) –

      The version for a Amazon Web Services source.

Return type:

dict

Returns:

Response Syntax

{
    'failed': [
        'string',
    ]
}

Response Structure

  • (dict) –

    • failed (list) –

      Lists all accounts in which enabling a natively supported Amazon Web Services service as a Security Lake source failed. The failure occurred as these accounts are not part of an organization.

      • (string) –

Exceptions

  • SecurityLake.Client.exceptions.BadRequestException

  • SecurityLake.Client.exceptions.ResourceNotFoundException

  • SecurityLake.Client.exceptions.InternalServerException

  • SecurityLake.Client.exceptions.AccessDeniedException

  • SecurityLake.Client.exceptions.ConflictException

  • SecurityLake.Client.exceptions.ThrottlingException