Skip to content

Commit 60078db

Browse files
author
awstools
committed
docs(client-cloudwatch-logs): Doc-only update for CloudWatch Logs, for Tagging Permissions clarifications
1 parent ce7cc58 commit 60078db

File tree

3 files changed

+283
-299
lines changed

3 files changed

+283
-299
lines changed

clients/client-cloudwatch-logs/src/endpoint/ruleset.ts

Lines changed: 0 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -58,15 +58,6 @@ export const ruleSet: RuleSetObject = {
5858
},
5959
],
6060
},
61-
{
62-
fn: "parseURL",
63-
argv: [
64-
{
65-
ref: "Endpoint",
66-
},
67-
],
68-
assign: "url",
69-
},
7061
],
7162
type: "tree",
7263
rules: [

clients/client-cloudwatch-logs/src/models/models_0.ts

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -223,11 +223,13 @@ export interface CreateLogGroupRequest {
223223

224224
/**
225225
* <p>The key-value pairs to use for the tags.</p>
226-
* <p>CloudWatch Logs doesn’t support IAM policies that prevent users from assigning specified
227-
* tags to log groups using the <code>aws:Resource/<i>key-name</i>
228-
* </code> or
229-
* <code>aws:TagKeys</code> condition keys. For more information about using tags to control
230-
* access, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html">Controlling access to Amazon Web Services resources using tags</a>.</p>
226+
* <p>You can grant users access to certain log groups while preventing them from accessing other log groups.
227+
* To do so, tag your groups and use IAM policies that refer to those tags. To assign tags when
228+
* you create a log group, you must have either the <code>logs:TagResource</code> or <code>logs:TagLogGroup</code>
229+
* permission. For more information about tagging, see
230+
* <a href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging Amazon Web Services resources</a>.
231+
* For more information about using tags to control access, see
232+
* <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html">Controlling access to Amazon Web Services resources using tags</a>.</p>
231233
*/
232234
tags?: Record<string, string>;
233235
}

0 commit comments

Comments
 (0)