AWS::AIOps::InvestigationGroup - Amazon CloudFormation
SyntaxPropertiesReturn values
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

This is the new Amazon CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the Amazon CloudFormation User Guide.

AWS::AIOps::InvestigationGroup

Creates an investigation group in your account. Creating an investigation group is a one-time setup task for each Region in your account. It is a necessary task to be able to perform investigations.

Settings in the investigation group help you centrally manage the common properties of your investigations, such as the following:

  • Who can access the investigations

  • Whether investigation data is encrypted with a customer managed Amazon Key Management Service key.

  • How long investigations and their data are retained by default.

Currently, you can have one investigation group in each Region in your account. Each investigation in a Region is a part of the investigation group in that Region

To create an investigation group and set up Amazon Q Developer operational investigations, you must be signed in to an IAM principal that has the either the AIOpsConsoleAdminPolicy or the AdministratorAccessIAM policy attached, or to an account that has similar permissions.

Note

You can optionally configure CloudWatch alarms to start investigations and add events to investigations. The examples section on this page demonstrates creating an investigation group and an alarm at the same time.

For more information about configuring CloudWatch alarms to work with Amazon Q Developer operational investigations, see

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::AIOps::InvestigationGroup",
  "Properties" : {
      "ChatbotNotificationChannels" : [ ChatbotNotificationChannel, ... ],
      "CrossAccountConfigurations" : [ CrossAccountConfiguration, ... ],
      "EncryptionConfig" : EncryptionConfigMap,
      "InvestigationGroupPolicy" : String,
      "IsCloudTrailEventHistoryEnabled" : Boolean,
      "Name" : String,
      "RetentionInDays" : Integer,
      "RoleArn" : String,
      "TagKeyBoundaries" : [ String, ... ],
      "Tags" : [ Tag, ... ]
    }
}

Properties

ChatbotNotificationChannels

Use this property to integrate Amazon Q Developer operational investigations with Amazon Q in chat applications. This property is an array. For the first string, specify the ARN of an Amazon SNS topic. For the array of strings, specify the ARNs of one or more Amazon Q in chat applications configurations that you want to associate with that topic. For more information about these configuration ARNs, see Getting started with Amazon Q in chat applications and Resource type defined by Amazon Chatbot.

Required: No

Type: Array of ChatbotNotificationChannel

Update requires: No interruption

CrossAccountConfigurations

Property description not available.

Required: No

Type: Array of CrossAccountConfiguration

Update requires: No interruption

EncryptionConfig

Use this property to specify a customer managed Amazon KMS key to encrypt your investigation data. If you omit this property, Amazon Q Developer operational investigations will use an Amazon key to encrypt the data. For more information, see Encryption of investigation data.

Required: No

Type: EncryptionConfigMap

Update requires: No interruption

InvestigationGroupPolicy

Property description not available.

Required: No

Type: String

Update requires: No interruption

IsCloudTrailEventHistoryEnabled

Specify true to enable Amazon Q Developer operational investigations to have access to change events that are recorded by CloudTrail. The default is true.

Required: No

Type: Boolean

Update requires: No interruption

Name

A name for the investigation group.

Required: Yes

Type: String

Minimum: 1

Maximum: 512

Update requires: Replacement

RetentionInDays

Specify how long that investigation data is kept. For more information, see Operational investigation data retention.

If you omit this parameter, the default of 90 days is used.

Required: No

Type: Integer

Update requires: Replacement

RoleArn

Specify the ARN of the IAM role that Amazon Q Developer operational investigations will use when it gathers investigation data. The permissions in this role determine which of your resources that Amazon Q Developer operational investigations will have access to during investigations.

For more information, see How to control what data Amazon Q has access to during investigations.

Required: No

Type: String

Minimum: 20

Maximum: 2048

Update requires: No interruption

TagKeyBoundaries

Enter the existing custom tag keys for custom applications in your system. Resource tags help Amazon Q narrow the search space when it is unable to discover definite relationships between resources. For example, to discover that an Amazon ECS service depends on an Amazon RDS database, Amazon Q can discover this relationship using data sources such as X-Ray and CloudWatch Application Signals. However, if you haven't deployed these features, Amazon Q will attempt to identify possible relationships. Tag boundaries can be used to narrow the resources that will be discovered by Amazon Q in these cases.

You don't need to enter tags created by myApplications or Amazon CloudFormation, because Amazon Q can automatically detect those tags.

Required: No

Type: Array of String

Minimum: 1

Maximum: 200

Update requires: No interruption

Tags

A list of key-value pairs to associate with the investigation group. You can associate as many as 50 tags with an investigation group.

Tags can help you organize and categorize your resources.

Required: No

Type: Array of Tag

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the ARN of the investigation group. For example, arn:aws:aiops:Region:account-id:investigation-group:investigation-group-id

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Arn

The Amazon Resource Name (ARN) of the investigation group. For example, arn:aws:aiops:Region:account-id:investigation-group:investigation-group-id

CreatedAt

The date and time that the investigation group was created.

CreatedBy

The name of the user who created the investigation group.

LastModifiedAt

The date and time that the investigation group was most recently modified.

LastModifiedBy

The name of the user who most recently modified the investigation group.