Posted On: Jan 11, 2024
Amazon CloudWatch Logs is excited to announce support for creating account-level subscription filters using the put-account-policy API. This new capability enables you to deliver real-time log events that are ingested into Amazon CloudWatch Logs to an Amazon Kinesis Data Stream, Amazon Kinesis Data Firehose, or AWS Lambda for custom processing, analysis, or delivery to other destinations using a single account level subscription filter.
Customers often need to forward all or a subset of logs to AWS services such as Amazon OpenSearch for various analytical use cases or Amazon Kinesis Data Firehose for further streaming to other systems. Currently, customers have to set up a subscription filter for each log group. However, with account-level subscription filters, customers can egress logs ingested into multiple or all log groups by setting up a single subscription filter policy for the entire account. This saves time and reduces management overhead. The account-level subscription filter applies to both existing log groups and any future log groups that match the configuration. Each account can create one account-level subscription filter.
CloudWatch Logs Account-level Subscription Filter is available in all AWS commercial regions except Israel (Tel Aviv) and Canada West (Calgary). To learn more, please refer to the documentation on CloudWatch Logs Account Level Subscription Filters.
Jan 16, 2024 - This post has been updated to accurately represent the regional availability of the feature.