VPCLattice / Client / create_access_log_subscription

create_access_log_subscription#

VPCLattice.Client.create_access_log_subscription(**kwargs)#

Enables access logs to be sent to Amazon CloudWatch, Amazon S3, and Amazon Kinesis Data Firehose. The service network owner can use the access logs to audit the services in the network. The service network owner will only see access logs from clients and services that are associated with their service network. Access log entries represent traffic originated from VPCs associated with that network. For more information, see Access logs in the Amazon VPC Lattice User Guide.

See also: AWS API Documentation

Request Syntax

response = client.create_access_log_subscription(
    clientToken='string',
    destinationArn='string',
    resourceIdentifier='string',
    tags={
        'string': 'string'
    }
)
Parameters:

  • clientToken (string) –

    A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren’t identical, the retry fails.

    This field is autopopulated if not provided.

  • destinationArn (string) –

    [REQUIRED]

    The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.

  • resourceIdentifier (string) –

    [REQUIRED]

    The ID or Amazon Resource Name (ARN) of the service network or service.

  • tags (dict) –

    The tags for the access log subscription.

    • (string) –

      The key of the tag.

      Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws:.

      • (string) –

        The value of the tag.

        Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @

Return type:

dict

Returns:

Response Syntax

{
    'arn': 'string',
    'destinationArn': 'string',
    'id': 'string',
    'resourceArn': 'string',
    'resourceId': 'string'
}

Response Structure

  • (dict) –

    • arn (string) –

      The Amazon Resource Name (ARN) of the access log subscription.

    • destinationArn (string) –

      The Amazon Resource Name (ARN) of the log destination.

    • id (string) –

      The ID of the access log subscription.

    • resourceArn (string) –

      The Amazon Resource Name (ARN) of the service network or service.

    • resourceId (string) –

      The ID of the service network or service.

Exceptions

  • VPCLattice.Client.exceptions.ValidationException

  • VPCLattice.Client.exceptions.AccessDeniedException

  • VPCLattice.Client.exceptions.ThrottlingException

  • VPCLattice.Client.exceptions.ResourceNotFoundException

  • VPCLattice.Client.exceptions.ConflictException

  • VPCLattice.Client.exceptions.InternalServerException