- Newest
- Most votes
- Most comments
Hi,
I understand you would like to know how the data protection policies used by cloudwatch logs does not match any existing custom data identifier that you have created.
First, confirm that the JSON properties for the data protection policy is in this format: { "Name": "CloudWatchLogs-PersonalInformation-Protection", "Description": "Protect basic types of sensitive data", "Version": "2021-06-01", "Statement": [ ... ] }
Alternatively, to select the sensitive data of interest in the json field, trying using managed data identifiers. According to the documentation, it mentioned specifically about CloudWatch Logs managed data identifiers for sensitive data types. Also, you can use the supported identifiers listed in the "CloudWatch Logs managed data identifiers for sensitive data types" as keywords as considerations for the custom data identifiers.
I hope this helps. Let me know if I answered your question by up voting my response or if you have any follow-up.
Kind regards, Ahmed
References: [1] https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/cloudwatch-logs-data-protection-policies.html [2] https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/protect-sensitive-log-data-types.html#CWL-managed-data-identifiers
Relevant content
- asked 5 years ago
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 8 months ago