View Source AWS.AIOps (aws-elixir v1.0.7)

The CloudWatch investigations feature is a generative AI-powered assistant that can help you respond to incidents in your system.

It uses generative AI to scan your system's telemetry and quickly surface suggestions that might be related to your issue. These suggestions include metrics, logs, deployment events, and root-cause hypotheses.

You can use API actions to create, manage, and delete investigation groups and investigation group policies. To start and manage investigations, you must use the CloudWatch console.

Link to this section Summary

Functions

Creates an investigation group in your account.

Deletes the specified investigation group from your account.

Removes the IAM resource policy from being associated with the investigation group that you specify.

Returns the configuration information for the specified investigation group.

Returns the IAM resource policy that is associated with the specified investigation group.

Returns the ARN and name of each investigation group in the account.

Displays the tags associated with a CloudWatch investigations resource.

Creates an IAM resource policy and assigns it to the specified investigation group.

Assigns one or more tags (key-value pairs) to the specified resource.

Removes one or more tags from the specified resource.

Updates the configuration of the specified investigation group.

Link to this section Functions

Link to this function

create_investigation_group(client, input, options \\ [])

View Source

Creates an investigation group in your account.

Creating an investigation group is a one-time setup task for each Region in your account. It is a necessary task to be able to perform investigations.

Settings in the investigation group help you centrally manage the common properties of your investigations, such as the following:

  • Who can access the investigations

  • Whether investigation data is encrypted with a customer managed Key Management Service key.

  • How long investigations and their data are retained by default.

Currently, you can have one investigation group in each Region in your account. Each investigation in a Region is a part of the investigation group in that Region

To create an investigation group and set up CloudWatch investigations, you must be signed in to an IAM principal that has the either the AIOpsConsoleAdminPolicy or the AdministratorAccess IAM policy attached, or to an account that has similar permissions.

You can configure CloudWatch alarms to start investigations and add events to investigations. If you create your investigation group with CreateInvestigationGroup and you want to enable alarms to do this, you must use PutInvestigationGroupPolicy to create a resource policy that grants this permission to CloudWatch alarms.

For more information about configuring CloudWatch alarms to work with CloudWatch investigations, see

Link to this function

delete_investigation_group(client, identifier, input, options \\ [])

View Source

Deletes the specified investigation group from your account.

You can currently have one investigation group per Region in your account. After you delete an investigation group, you can later create a new investigation group in the same Region.

Link to this function

delete_investigation_group_policy(client, identifier, input, options \\ [])

View Source

Removes the IAM resource policy from being associated with the investigation group that you specify.

Link to this function

get_investigation_group(client, identifier, options \\ [])

View Source

Returns the configuration information for the specified investigation group.

Link to this function

get_investigation_group_policy(client, identifier, options \\ [])

View Source

Returns the IAM resource policy that is associated with the specified investigation group.

Link to this function

list_investigation_groups(client, max_results \\ nil, next_token \\ nil, options \\ [])

View Source

Returns the ARN and name of each investigation group in the account.

Link to this function

list_tags_for_resource(client, resource_arn, options \\ [])

View Source

Displays the tags associated with a CloudWatch investigations resource.

Currently, investigation groups support tagging.

Link to this function

put_investigation_group_policy(client, identifier, input, options \\ [])

View Source

Creates an IAM resource policy and assigns it to the specified investigation group.

If you create your investigation group with CreateInvestigationGroup and you want to enable CloudWatch alarms to create investigations and add events to investigations, you must use this operation to create a policy similar to this example.

{ "Version": "2008-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": "aiops.alarms.cloudwatch.amazonaws.com" }, "Action": ["aiops:CreateInvestigation", "aiops:CreateInvestigationEvent"], "Resource": "*", "Condition": { "StringEquals": { "aws:SourceAccount": "*account-id*" }, "ArnLike": { "aws:SourceArn": "arn:aws:cloudwatch:*region*:*account-id*:alarm:*" } } }] }

Link to this function

tag_resource(client, resource_arn, input, options \\ [])

View Source

Assigns one or more tags (key-value pairs) to the specified resource.

Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.

Tags don't have any semantic meaning to Amazon Web Services and are interpreted strictly as strings of characters.

You can associate as many as 50 tags with a resource.

Link to this function

untag_resource(client, resource_arn, input, options \\ [])

View Source

Removes one or more tags from the specified resource.

Link to this function

update_investigation_group(client, identifier, input, options \\ [])

View Source

Updates the configuration of the specified investigation group.