Network Flow Monitor

2025/09/10 - Network Flow Monitor - 7 updated api methods

Changes  Added new enum value (AWS::Region) for type field under MonitorLocalResource and MonitorRemoteResource. Workload Insights and Monitor top contributors queries now support a new DestinationCategory (INTER_REGION).

CreateMonitor (updated) Link ¶
Changes (both)
{'localResources': {'type': {'AWS::Region'}},
 'remoteResources': {'type': {'AWS::Region'}}}

Create a monitor for specific network flows between local and remote resources, so that you can monitor network performance for one or several of your workloads. For each monitor, Network Flow Monitor publishes detailed end-to-end performance metrics and a network health indicator (NHI) that informs you whether there were Amazon Web Services network issues for one or more of the network flows tracked by a monitor, during a time period that you choose.

See also: AWS API Documentation

Request Syntax

client.create_monitor(
    monitorName='string',
    localResources=[
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    remoteResources=[
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::AWSService'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    scopeArn='string',
    clientToken='string',
    tags={
        'string': 'string'
    }
)
type monitorName:

string

param monitorName:

[REQUIRED]

The name of the monitor.

type localResources:

list

param localResources:

[REQUIRED]

The local resources to monitor. A local resource in a workload is the location of the host, or hosts, where the Network Flow Monitor agent is installed. For example, if a workload consists of an interaction between a web service and a backend database (for example, Amazon Dynamo DB), the subnet with the EC2 instance that hosts the web service, which also runs the agent, is the local resource.

Be aware that all local resources must belong to the current Region.

  • (dict) --

    A local resource is the host where the agent is installed. Local resources can be a a subnet, a VPC, an Availability Zone, or an Amazon Web Services service.

    • type (string) -- [REQUIRED]

      The type of the local resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, or AWS::Region.

    • identifier (string) -- [REQUIRED]

      The identifier of the local resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b.

type remoteResources:

list

param remoteResources:

The remote resources to monitor. A remote resource is the other endpoint in the bi-directional flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.

When you specify remote resources, be aware that specific combinations of resources are allowed and others are not, including the following constraints:

  • All remote resources that you specify must all belong to a single Region.

  • If you specify Amazon Web Services services as remote resources, any other remote resources that you specify must be in the current Region.

  • When you specify a remote resource for another Region, you can only specify the Region resource type. You cannot specify a subnet, VPC, or Availability Zone in another Region.

  • If you leave the RemoteResources parameter empty, the monitor will include all network flows that terminate in the current Region.

  • (dict) --

    A remote resource is the other endpoint in a network flow. That is, one endpoint is the local resource and the other is the remote resource. Remote resources can be a a subnet, a VPC, an Availability Zone, an Amazon Web Services service, or an Amazon Web Services Region.

    When a remote resource is an Amazon Web Services Region, Network Flow Monitor provides network performance measurements up to the edge of the Region that you specify.

    • type (string) -- [REQUIRED]

      The type of the remote resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, AWS::AWSService, or AWS::Region.

    • identifier (string) -- [REQUIRED]

      The identifier of the remote resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b. For an Amazon Web Services Region , this identifier is the Region name, for example, us-west-2.

type scopeArn:

string

param scopeArn:

[REQUIRED]

The Amazon Resource Name (ARN) of the scope for the monitor.

type clientToken:

string

param clientToken:

A unique, case-sensitive string of up to 64 ASCII characters that you specify to make an idempotent API request. Don't reuse the same client token for other API requests.

This field is autopopulated if not provided.

type tags:

dict

param tags:

The tags for a monitor. You can add a maximum of 200 tags.

  • (string) --

    • (string) --

rtype:

dict

returns:

Response Syntax

{
    'monitorArn': 'string',
    'monitorName': 'string',
    'monitorStatus': 'PENDING'|'ACTIVE'|'INACTIVE'|'ERROR'|'DELETING',
    'localResources': [
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    'remoteResources': [
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::AWSService'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    'createdAt': datetime(2015, 1, 1),
    'modifiedAt': datetime(2015, 1, 1),
    'tags': {
        'string': 'string'
    }
}

Response Structure

  • (dict) --

    • monitorArn (string) --

      The Amazon Resource Name (ARN) of the monitor.

    • monitorName (string) --

      The name of the monitor.

    • monitorStatus (string) --

      The status of a monitor. The status can be one of the following

      • PENDING: The monitor is in the process of being created.

      • ACTIVE: The monitor is active.

      • INACTIVE: The monitor is inactive.

      • ERROR: Monitor creation failed due to an error.

      • DELETING: The monitor is in the process of being deleted.

    • localResources (list) --

      The local resources to monitor. A local resource in a workload is the location of hosts where the Network Flow Monitor agent is installed.

      • (dict) --

        A local resource is the host where the agent is installed. Local resources can be a a subnet, a VPC, an Availability Zone, or an Amazon Web Services service.

        • type (string) --

          The type of the local resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, or AWS::Region.

        • identifier (string) --

          The identifier of the local resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b.

    • remoteResources (list) --

      The remote resources to monitor. A remote resource is the other endpoint specified for the network flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.

      • (dict) --

        A remote resource is the other endpoint in a network flow. That is, one endpoint is the local resource and the other is the remote resource. Remote resources can be a a subnet, a VPC, an Availability Zone, an Amazon Web Services service, or an Amazon Web Services Region.

        When a remote resource is an Amazon Web Services Region, Network Flow Monitor provides network performance measurements up to the edge of the Region that you specify.

        • type (string) --

          The type of the remote resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, AWS::AWSService, or AWS::Region.

        • identifier (string) --

          The identifier of the remote resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b. For an Amazon Web Services Region , this identifier is the Region name, for example, us-west-2.

    • createdAt (datetime) --

      The date and time when the monitor was created.

    • modifiedAt (datetime) --

      The last date and time that the monitor was modified.

    • tags (dict) --

      The tags for a monitor.

      • (string) --

        • (string) --

GetMonitor (updated) Link ¶
Changes (response)
{'localResources': {'type': {'AWS::Region'}},
 'remoteResources': {'type': {'AWS::Region'}}}

Gets information about a monitor in Network Flow Monitor based on a monitor name. The information returned includes the Amazon Resource Name (ARN), create time, modified time, resources included in the monitor, and status information.

See also: AWS API Documentation

Request Syntax

client.get_monitor(
    monitorName='string'
)
type monitorName:

string

param monitorName:

[REQUIRED]

The name of the monitor.

rtype:

dict

returns:

Response Syntax

{
    'monitorArn': 'string',
    'monitorName': 'string',
    'monitorStatus': 'PENDING'|'ACTIVE'|'INACTIVE'|'ERROR'|'DELETING',
    'localResources': [
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    'remoteResources': [
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::AWSService'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    'createdAt': datetime(2015, 1, 1),
    'modifiedAt': datetime(2015, 1, 1),
    'tags': {
        'string': 'string'
    }
}

Response Structure

  • (dict) --

    • monitorArn (string) --

      The Amazon Resource Name (ARN) of the monitor.

    • monitorName (string) --

      The name of the monitor.

    • monitorStatus (string) --

      The status of a monitor. The status can be one of the following

      • PENDING: The monitor is in the process of being created.

      • ACTIVE: The monitor is active.

      • INACTIVE: The monitor is inactive.

      • ERROR: Monitor creation failed due to an error.

      • DELETING: The monitor is in the process of being deleted.

    • localResources (list) --

      The local resources to monitor. A local resource in a workload is the location of the hosts where the Network Flow Monitor agent is installed.

      • (dict) --

        A local resource is the host where the agent is installed. Local resources can be a a subnet, a VPC, an Availability Zone, or an Amazon Web Services service.

        • type (string) --

          The type of the local resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, or AWS::Region.

        • identifier (string) --

          The identifier of the local resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b.

    • remoteResources (list) --

      The remote resources to monitor. A remote resource is the other endpoint specified for the network flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.

      • (dict) --

        A remote resource is the other endpoint in a network flow. That is, one endpoint is the local resource and the other is the remote resource. Remote resources can be a a subnet, a VPC, an Availability Zone, an Amazon Web Services service, or an Amazon Web Services Region.

        When a remote resource is an Amazon Web Services Region, Network Flow Monitor provides network performance measurements up to the edge of the Region that you specify.

        • type (string) --

          The type of the remote resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, AWS::AWSService, or AWS::Region.

        • identifier (string) --

          The identifier of the remote resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b. For an Amazon Web Services Region , this identifier is the Region name, for example, us-west-2.

    • createdAt (datetime) --

      The date and time when the monitor was created.

    • modifiedAt (datetime) --

      The date and time when the monitor was last modified.

    • tags (dict) --

      The tags for a monitor.

      • (string) --

        • (string) --

GetQueryResultsMonitorTopContributors (updated) Link ¶
Changes (response)
{'topContributors': {'destinationCategory': {'INTER_REGION'}}}

Return the data for a query with the Network Flow Monitor query interface. You specify the query that you want to return results for by providing a query ID and a monitor name. This query returns the top contributors for a specific monitor.

Create a query ID for this call by calling the corresponding API call to start the query, StartQueryMonitorTopContributors. Use the scope ID that was returned for your account by CreateScope.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.

See also: AWS API Documentation

Request Syntax

client.get_query_results_monitor_top_contributors(
    monitorName='string',
    queryId='string',
    nextToken='string',
    maxResults=123
)
type monitorName:

string

param monitorName:

[REQUIRED]

The name of the monitor.

type queryId:

string

param queryId:

[REQUIRED]

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to create a query.

type nextToken:

string

param nextToken:

The token for the next set of results. You receive this token from a previous call.

type maxResults:

integer

param maxResults:

The number of query results that you want to return with this call.

rtype:

dict

returns:

Response Syntax

{
    'unit': 'Seconds'|'Microseconds'|'Milliseconds'|'Bytes'|'Kilobytes'|'Megabytes'|'Gigabytes'|'Terabytes'|'Bits'|'Kilobits'|'Megabits'|'Gigabits'|'Terabits'|'Percent'|'Count'|'Bytes/Second'|'Kilobytes/Second'|'Megabytes/Second'|'Gigabytes/Second'|'Terabytes/Second'|'Bits/Second'|'Kilobits/Second'|'Megabits/Second'|'Gigabits/Second'|'Terabits/Second'|'Count/Second'|'None',
    'topContributors': [
        {
            'localIp': 'string',
            'snatIp': 'string',
            'localInstanceId': 'string',
            'localVpcId': 'string',
            'localRegion': 'string',
            'localAz': 'string',
            'localSubnetId': 'string',
            'targetPort': 123,
            'destinationCategory': 'INTRA_AZ'|'INTER_AZ'|'INTER_VPC'|'UNCLASSIFIED'|'AMAZON_S3'|'AMAZON_DYNAMODB'|'INTER_REGION',
            'remoteVpcId': 'string',
            'remoteRegion': 'string',
            'remoteAz': 'string',
            'remoteSubnetId': 'string',
            'remoteInstanceId': 'string',
            'remoteIp': 'string',
            'dnatIp': 'string',
            'value': 123,
            'traversedConstructs': [
                {
                    'componentId': 'string',
                    'componentType': 'string',
                    'componentArn': 'string',
                    'serviceName': 'string'
                },
            ],
            'kubernetesMetadata': {
                'localServiceName': 'string',
                'localPodName': 'string',
                'localPodNamespace': 'string',
                'remoteServiceName': 'string',
                'remotePodName': 'string',
                'remotePodNamespace': 'string'
            },
            'localInstanceArn': 'string',
            'localSubnetArn': 'string',
            'localVpcArn': 'string',
            'remoteInstanceArn': 'string',
            'remoteSubnetArn': 'string',
            'remoteVpcArn': 'string'
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • unit (string) --

      The units for a metric returned by the query.

    • topContributors (list) --

      The top contributor network flows overall for a specific metric type, for example, the number of retransmissions.

      • (dict) --

        A set of information for a top contributor network flow in a monitor. In a monitor, Network Flow Monitor returns information about the network flows for top contributors for each metric. Top contributors are network flows with the top values for each metric type.

        • localIp (string) --

          The IP address of the local resource for a top contributor network flow.

        • snatIp (string) --

          The secure network address translation (SNAT) IP address for a top contributor network flow.

        • localInstanceId (string) --

          The instance identifier for the local resource for a top contributor network flow.

        • localVpcId (string) --

          The VPC ID for a top contributor network flow for the local resource.

        • localRegion (string) --

          The Amazon Web Services Region for the local resource for a top contributor network flow.

        • localAz (string) --

          The Availability Zone for the local resource for a top contributor network flow.

        • localSubnetId (string) --

          The subnet ID for the local resource for a top contributor network flow.

        • targetPort (integer) --

          The target port.

        • destinationCategory (string) --

          The destination category for a top contributors row. Destination categories can be one of the following:

          • INTRA_AZ: Top contributor network flows within a single Availability Zone

          • INTER_AZ: Top contributor network flows between Availability Zones

          • INTER_REGION: Top contributor network flows between Regions (to the edge of another Region)

          • INTER_VPC: Top contributor network flows between VPCs

          • AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services

          • UNCLASSIFIED: Top contributor network flows that do not have a bucket classification

        • remoteVpcId (string) --

          The VPC ID for a top contributor network flow for the remote resource.

        • remoteRegion (string) --

          The Amazon Web Services Region for the remote resource for a top contributor network flow.

        • remoteAz (string) --

          The Availability Zone for the remote resource for a top contributor network flow.

        • remoteSubnetId (string) --

          The subnet ID for the remote resource for a top contributor network flow.

        • remoteInstanceId (string) --

          The instance identifier for the remote resource for a top contributor network flow.

        • remoteIp (string) --

          The IP address of the remote resource for a top contributor network flow.

        • dnatIp (string) --

          The destination network address translation (DNAT) IP address for a top contributor network flow.

        • value (integer) --

          The value of the metric for a top contributor network flow.

        • traversedConstructs (list) --

          The constructs traversed by a network flow.

          • (dict) --

            A section of the network that a network flow has traveled through.

            • componentId (string) --

              The identifier for the traversed component.

            • componentType (string) --

              The type of component that was traversed.

            • componentArn (string) --

              The Amazon Resource Name (ARN) of a traversed component.

            • serviceName (string) --

              The service name for the traversed component.

        • kubernetesMetadata (dict) --

          Meta data about Kubernetes resources.

          • localServiceName (string) --

            The service name for a local resource.

          • localPodName (string) --

            The name of the pod for a local resource.

          • localPodNamespace (string) --

            The namespace of the pod for a local resource.

          • remoteServiceName (string) --

            The service name for a remote resource.

          • remotePodName (string) --

            The name of the pod for a remote resource.

          • remotePodNamespace (string) --

            The namespace of the pod for a remote resource.

        • localInstanceArn (string) --

          The Amazon Resource Name (ARN) of a local resource.

        • localSubnetArn (string) --

          The Amazon Resource Name (ARN) of a local subnet.

        • localVpcArn (string) --

          The Amazon Resource Name (ARN) of a local VPC.

        • remoteInstanceArn (string) --

          The Amazon Resource Name (ARN) of a remote resource.

        • remoteSubnetArn (string) --

          The Amazon Resource Name (ARN) of a remote subnet.

        • remoteVpcArn (string) --

          The Amazon Resource Name (ARN) of a remote VPC.

    • nextToken (string) --

      The token for the next set of results. You receive this token from a previous call.

StartQueryMonitorTopContributors (updated) Link ¶
Changes (request)
{'destinationCategory': {'INTER_REGION'}}

Create a query that you can use with the Network Flow Monitor query interface to return the top contributors for a monitor. Specify the monitor that you want to create the query for.

The call returns a query ID that you can use with GetQueryResultsMonitorTopContributors to run the query and return the top contributors for a specific monitor.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable APIs for the top contributors that you want to be returned.

See also: AWS API Documentation

Request Syntax

client.start_query_monitor_top_contributors(
    monitorName='string',
    startTime=datetime(2015, 1, 1),
    endTime=datetime(2015, 1, 1),
    metricName='ROUND_TRIP_TIME'|'TIMEOUTS'|'RETRANSMISSIONS'|'DATA_TRANSFERRED',
    destinationCategory='INTRA_AZ'|'INTER_AZ'|'INTER_VPC'|'UNCLASSIFIED'|'AMAZON_S3'|'AMAZON_DYNAMODB'|'INTER_REGION',
    limit=123
)
type monitorName:

string

param monitorName:

[REQUIRED]

The name of the monitor.

type startTime:

datetime

param startTime:

[REQUIRED]

The timestamp that is the date and time that is the beginning of the period that you want to retrieve results for with your query.

type endTime:

datetime

param endTime:

[REQUIRED]

The timestamp that is the date and time end of the period that you want to retrieve results for with your query.

type metricName:

string

param metricName:

[REQUIRED]

The metric that you want to query top contributors for. That is, you can specify a metric with this call and return the top contributor network flows, for that type of metric, for a monitor and (optionally) within a specific category, such as network flows between Availability Zones.

type destinationCategory:

string

param destinationCategory:

[REQUIRED]

The category that you want to query top contributors for, for a specific monitor. Destination categories can be one of the following:

  • INTRA_AZ: Top contributor network flows within a single Availability Zone

  • INTER_AZ: Top contributor network flows between Availability Zones

  • INTER_REGION: Top contributor network flows between Regions (to the edge of another Region)

  • INTER_VPC: Top contributor network flows between VPCs

  • AMAZON_S3: Top contributor network flows to or from Amazon S3

  • AMAZON_DYNAMODB: Top contributor network flows to or from Amazon Dynamo DB

  • UNCLASSIFIED: Top contributor network flows that do not have a bucket classification

type limit:

integer

param limit:

The maximum number of top contributors to return.

rtype:

dict

returns:

Response Syntax

{
    'queryId': 'string'
}

Response Structure

  • (dict) --

    • queryId (string) --

      The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

StartQueryWorkloadInsightsTopContributors (updated) Link ¶
Changes (request)
{'destinationCategory': {'INTER_REGION'}}

Create a query with the Network Flow Monitor query interface that you can run to return workload insights top contributors. Specify the scope that you want to create a query for.

The call returns a query ID that you can use with GetQueryResultsWorkloadInsightsTopContributors to run the query and return the top contributors for the workload insights for a scope.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable APIs for the top contributors that you want to be returned.

See also: AWS API Documentation

Request Syntax

client.start_query_workload_insights_top_contributors(
    scopeId='string',
    startTime=datetime(2015, 1, 1),
    endTime=datetime(2015, 1, 1),
    metricName='TIMEOUTS'|'RETRANSMISSIONS'|'DATA_TRANSFERRED',
    destinationCategory='INTRA_AZ'|'INTER_AZ'|'INTER_VPC'|'UNCLASSIFIED'|'AMAZON_S3'|'AMAZON_DYNAMODB'|'INTER_REGION',
    limit=123
)
type scopeId:

string

param scopeId:

[REQUIRED]

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account. A scope ID is returned from a CreateScope API call.

type startTime:

datetime

param startTime:

[REQUIRED]

The timestamp that is the date and time that is the beginning of the period that you want to retrieve results for with your query.

type endTime:

datetime

param endTime:

[REQUIRED]

The timestamp that is the date and time end of the period that you want to retrieve results for with your query.

type metricName:

string

param metricName:

[REQUIRED]

The metric that you want to query top contributors for. That is, you can specify this metric to return the top contributor network flows, for this type of metric, for a monitor and (optionally) within a specific category, such as network flows between Availability Zones.

type destinationCategory:

string

param destinationCategory:

[REQUIRED]

The destination category for a top contributors row. Destination categories can be one of the following:

  • INTRA_AZ: Top contributor network flows within a single Availability Zone

  • INTER_AZ: Top contributor network flows between Availability Zones

  • INTER_REGION: Top contributor network flows between Regions (to the edge of another Region)

  • INTER_VPC: Top contributor network flows between VPCs

  • AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services

  • UNCLASSIFIED: Top contributor network flows that do not have a bucket classification

type limit:

integer

param limit:

The maximum number of top contributors to return.

rtype:

dict

returns:

Response Syntax

{
    'queryId': 'string'
}

Response Structure

  • (dict) --

    • queryId (string) --

      The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

StartQueryWorkloadInsightsTopContributorsData (updated) Link ¶
Changes (request)
{'destinationCategory': {'INTER_REGION'}}

Create a query with the Network Flow Monitor query interface that you can run to return data for workload insights top contributors. Specify the scope that you want to create a query for.

The call returns a query ID that you can use with GetQueryResultsWorkloadInsightsTopContributorsData to run the query and return the data for the top contributors for the workload insights for a scope.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type. Top contributors can be across all workload insights, for a given scope, or for a specific monitor. Use the applicable call for the top contributors that you want to be returned.

See also: AWS API Documentation

Request Syntax

client.start_query_workload_insights_top_contributors_data(
    scopeId='string',
    startTime=datetime(2015, 1, 1),
    endTime=datetime(2015, 1, 1),
    metricName='TIMEOUTS'|'RETRANSMISSIONS'|'DATA_TRANSFERRED',
    destinationCategory='INTRA_AZ'|'INTER_AZ'|'INTER_VPC'|'UNCLASSIFIED'|'AMAZON_S3'|'AMAZON_DYNAMODB'|'INTER_REGION'
)
type scopeId:

string

param scopeId:

[REQUIRED]

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

type startTime:

datetime

param startTime:

[REQUIRED]

The timestamp that is the date and time that is the beginning of the period that you want to retrieve results for with your query.

type endTime:

datetime

param endTime:

[REQUIRED]

The timestamp that is the date and time end of the period that you want to retrieve results for with your query.

type metricName:

string

param metricName:

[REQUIRED]

The metric that you want to query top contributors for. That is, you can specify this metric to return the top contributor network flows, for this type of metric, for a monitor and (optionally) within a specific category, such as network flows between Availability Zones.

type destinationCategory:

string

param destinationCategory:

[REQUIRED]

The destination category for a top contributors. Destination categories can be one of the following:

  • INTRA_AZ: Top contributor network flows within a single Availability Zone

  • INTER_AZ: Top contributor network flows between Availability Zones

  • INTER_REGION: Top contributor network flows between Regions (to the edge of another Region)

  • INTER_VPC: Top contributor network flows between VPCs

  • AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services

  • UNCLASSIFIED: Top contributor network flows that do not have a bucket classification

rtype:

dict

returns:

Response Syntax

{
    'queryId': 'string'
}

Response Structure

  • (dict) --

    • queryId (string) --

      The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

UpdateMonitor (updated) Link ¶
Changes (request, response)
Request
{'localResourcesToAdd': {'type': {'AWS::Region'}},
 'localResourcesToRemove': {'type': {'AWS::Region'}},
 'remoteResourcesToAdd': {'type': {'AWS::Region'}},
 'remoteResourcesToRemove': {'type': {'AWS::Region'}}}
Response
{'localResources': {'type': {'AWS::Region'}},
 'remoteResources': {'type': {'AWS::Region'}}}

Update a monitor to add or remove local or remote resources.

See also: AWS API Documentation

Request Syntax

client.update_monitor(
    monitorName='string',
    localResourcesToAdd=[
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    localResourcesToRemove=[
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    remoteResourcesToAdd=[
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::AWSService'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    remoteResourcesToRemove=[
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::AWSService'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    clientToken='string'
)
type monitorName:

string

param monitorName:

[REQUIRED]

The name of the monitor.

type localResourcesToAdd:

list

param localResourcesToAdd:

Additional local resources to specify network flows for a monitor, as an array of resources with identifiers and types. A local resource in a workload is the location of hosts where the Network Flow Monitor agent is installed.

  • (dict) --

    A local resource is the host where the agent is installed. Local resources can be a a subnet, a VPC, an Availability Zone, or an Amazon Web Services service.

    • type (string) -- [REQUIRED]

      The type of the local resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, or AWS::Region.

    • identifier (string) -- [REQUIRED]

      The identifier of the local resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b.

type localResourcesToRemove:

list

param localResourcesToRemove:

The local resources to remove, as an array of resources with identifiers and types.

  • (dict) --

    A local resource is the host where the agent is installed. Local resources can be a a subnet, a VPC, an Availability Zone, or an Amazon Web Services service.

    • type (string) -- [REQUIRED]

      The type of the local resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, or AWS::Region.

    • identifier (string) -- [REQUIRED]

      The identifier of the local resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b.

type remoteResourcesToAdd:

list

param remoteResourcesToAdd:

The remote resources to add, as an array of resources with identifiers and types.

A remote resource is the other endpoint in the flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.

  • (dict) --

    A remote resource is the other endpoint in a network flow. That is, one endpoint is the local resource and the other is the remote resource. Remote resources can be a a subnet, a VPC, an Availability Zone, an Amazon Web Services service, or an Amazon Web Services Region.

    When a remote resource is an Amazon Web Services Region, Network Flow Monitor provides network performance measurements up to the edge of the Region that you specify.

    • type (string) -- [REQUIRED]

      The type of the remote resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, AWS::AWSService, or AWS::Region.

    • identifier (string) -- [REQUIRED]

      The identifier of the remote resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b. For an Amazon Web Services Region , this identifier is the Region name, for example, us-west-2.

type remoteResourcesToRemove:

list

param remoteResourcesToRemove:

The remote resources to remove, as an array of resources with identifiers and types.

A remote resource is the other endpoint specified for the network flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.

  • (dict) --

    A remote resource is the other endpoint in a network flow. That is, one endpoint is the local resource and the other is the remote resource. Remote resources can be a a subnet, a VPC, an Availability Zone, an Amazon Web Services service, or an Amazon Web Services Region.

    When a remote resource is an Amazon Web Services Region, Network Flow Monitor provides network performance measurements up to the edge of the Region that you specify.

    • type (string) -- [REQUIRED]

      The type of the remote resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, AWS::AWSService, or AWS::Region.

    • identifier (string) -- [REQUIRED]

      The identifier of the remote resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b. For an Amazon Web Services Region , this identifier is the Region name, for example, us-west-2.

type clientToken:

string

param clientToken:

A unique, case-sensitive string of up to 64 ASCII characters that you specify to make an idempotent API request. Don't reuse the same client token for other API requests.

This field is autopopulated if not provided.

rtype:

dict

returns:

Response Syntax

{
    'monitorArn': 'string',
    'monitorName': 'string',
    'monitorStatus': 'PENDING'|'ACTIVE'|'INACTIVE'|'ERROR'|'DELETING',
    'localResources': [
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    'remoteResources': [
        {
            'type': 'AWS::EC2::VPC'|'AWS::AvailabilityZone'|'AWS::EC2::Subnet'|'AWS::AWSService'|'AWS::Region',
            'identifier': 'string'
        },
    ],
    'createdAt': datetime(2015, 1, 1),
    'modifiedAt': datetime(2015, 1, 1),
    'tags': {
        'string': 'string'
    }
}

Response Structure

  • (dict) --

    • monitorArn (string) --

      The Amazon Resource Name (ARN) of the monitor.

    • monitorName (string) --

      The name of the monitor.

    • monitorStatus (string) --

      The status of a monitor. The status can be one of the following

      • PENDING: The monitor is in the process of being created.

      • ACTIVE: The monitor is active.

      • INACTIVE: The monitor is inactive.

      • ERROR: Monitor creation failed due to an error.

      • DELETING: The monitor is in the process of being deleted.

    • localResources (list) --

      The local resources to monitor. A local resource in a workload is the location of hosts where the Network Flow Monitor agent is installed.

      • (dict) --

        A local resource is the host where the agent is installed. Local resources can be a a subnet, a VPC, an Availability Zone, or an Amazon Web Services service.

        • type (string) --

          The type of the local resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, or AWS::Region.

        • identifier (string) --

          The identifier of the local resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b.

    • remoteResources (list) --

      The remote resources updated for a monitor, as an array of resources with identifiers and types.

      A remote resource is the other endpoint specified for the network flow of a workload, with a local resource. For example, Amazon Dynamo DB can be a remote resource.

      • (dict) --

        A remote resource is the other endpoint in a network flow. That is, one endpoint is the local resource and the other is the remote resource. Remote resources can be a a subnet, a VPC, an Availability Zone, an Amazon Web Services service, or an Amazon Web Services Region.

        When a remote resource is an Amazon Web Services Region, Network Flow Monitor provides network performance measurements up to the edge of the Region that you specify.

        • type (string) --

          The type of the remote resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, AWS::AWSService, or AWS::Region.

        • identifier (string) --

          The identifier of the remote resource. For a VPC or subnet, this identifier is the VPC Amazon Resource Name (ARN) or subnet ARN. For an Availability Zone, this identifier is the AZ name, for example, us-west-2b. For an Amazon Web Services Region , this identifier is the Region name, for example, us-west-2.

    • createdAt (datetime) --

      The date and time when the monitor was created.

    • modifiedAt (datetime) --

      The last date and time that the monitor was modified.

    • tags (dict) --

      The tags for a monitor.

      • (string) --

        • (string) --