SDK for PHP 3.x

Network Flow Monitor 2023-04-19

Client: Aws\NetworkFlowMonitor\NetworkFlowMonitorClient
Service ID: networkflowmonitor
Version: 2023-04-19

This page describes the parameters and results for the operations of the Network Flow Monitor (2023-04-19), and shows how to use the Aws\NetworkFlowMonitor\NetworkFlowMonitorClient object to call the described operations. This documentation is specific to the 2023-04-19 API version of the service.

Operation Summary

Each of the following operations can be created from a client using $client->getCommand('CommandName'), where "CommandName" is the name of one of the following operations. Note: a command is a value that encapsulates an operation and the parameters used to create an HTTP request.

You can also create and send a command immediately using the magic methods available on a client object: $client->commandName(/* parameters */). You can send the command asynchronously (returning a promise) by appending the word "Async" to the operation name: $client->commandNameAsync(/* parameters */).

CreateMonitor ( array $params = [] )
Create a monitor for specific network flows between local and remote resources, so that you can monitor network performance for one or several of your workloads.
CreateScope ( array $params = [] )
Create a scope of resources that you want to be available for Network Flow Monitor to generate metrics for, when you have active agents on those resources sending metrics reports to the Network Flow Monitor backend.
DeleteMonitor ( array $params = [] )
Deletes a monitor in Network Flow Monitor.
DeleteScope ( array $params = [] )
Deletes a scope that has been defined.
GetMonitor ( array $params = [] )
Gets information about a monitor in Network Flow Monitor based on a monitor name.
GetQueryResultsMonitorTopContributors ( array $params = [] )
Return the data for a query with the Network Flow Monitor query interface.
GetQueryResultsWorkloadInsightsTopContributors ( array $params = [] )
Return the data for a query with the Network Flow Monitor query interface.
GetQueryResultsWorkloadInsightsTopContributorsData ( array $params = [] )
Return the data for a query with the Network Flow Monitor query interface.
GetQueryStatusMonitorTopContributors ( array $params = [] )
Returns the current status of a query for the Network Flow Monitor query interface, for a specified query ID and monitor.
GetQueryStatusWorkloadInsightsTopContributors ( array $params = [] )
Return the data for a query with the Network Flow Monitor query interface.
GetQueryStatusWorkloadInsightsTopContributorsData ( array $params = [] )
Returns the current status of a query for the Network Flow Monitor query interface, for a specified query ID and monitor.
GetScope ( array $params = [] )
Gets information about a scope, including the name, status, tags, and target details.
ListMonitors ( array $params = [] )
List all monitors in an account.
ListScopes ( array $params = [] )
List all the scopes for an account.
ListTagsForResource ( array $params = [] )
Returns all the tags for a resource.
StartQueryMonitorTopContributors ( array $params = [] )
Start a query to return the data with the Network Flow Monitor query interface.
StartQueryWorkloadInsightsTopContributors ( array $params = [] )
Start a query to return the data with the Network Flow Monitor query interface.
StartQueryWorkloadInsightsTopContributorsData ( array $params = [] )
Return the data for a query with the Network Flow Monitor query interface.
StopQueryMonitorTopContributors ( array $params = [] )
Stop a query with the Network Flow Monitor query interface.
StopQueryWorkloadInsightsTopContributors ( array $params = [] )
Stop a query with the Network Flow Monitor query interface.
StopQueryWorkloadInsightsTopContributorsData ( array $params = [] )
Return the data for a query with the Network Flow Monitor query interface.
TagResource ( array $params = [] )
Adds a tag to a resource.
UntagResource ( array $params = [] )
Removes a tag from a resource.
UpdateMonitor ( array $params = [] )
Update a monitor to add or remove local or remote resources.
UpdateScope ( array $params = [] )
Update a scope to add or remove resources that you want to be available for Network Flow Monitor to generate metrics for, when you have active agents on those resources sending metrics reports to the Network Flow Monitor backend.

Paginators

Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:

GetQueryResultsMonitorTopContributors
GetQueryResultsWorkloadInsightsTopContributors
GetQueryResultsWorkloadInsightsTopContributorsData
ListMonitors
ListScopes

Operations

CreateMonitor 

$result = $client->createMonitor([/* ... */]);
$promise = $client->createMonitorAsync([/* ... */]);

Create a monitor for specific network flows between local and remote resources, so that you can monitor network performance for one or several of your workloads. For each monitor, Network Flow Monitor publishes detailed end-to-end performance metrics and a network health indicators (NHI) that informs you whether there were Amazon Web Services network issues for one or more of the network flows tracked by a monitor, during a time period that you choose.

Parameter Syntax

$result = $client->createMonitor([
    'clientToken' => '<string>',
    'localResources' => [ // REQUIRED
        [
            'identifier' => '<string>', // REQUIRED
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet', // REQUIRED
        ],
        // ...
    ],
    'monitorName' => '<string>', // REQUIRED
    'remoteResources' => [
        [
            'identifier' => '<string>', // REQUIRED
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService', // REQUIRED
        ],
        // ...
    ],
    'scopeArn' => '<string>', // REQUIRED
    'tags' => ['<string>', ...],
]);

Parameter Details

Members
clientToken
Type: string

A unique, case-sensitive string of up to 64 ASCII characters that you specify to make an idempotent API request. Don't reuse the same client token for other API requests.

localResources
Required: Yes
Type: Array of MonitorLocalResource structures

The local resources to monitor. A local resource, in a bi-directional flow of a workload, is the host where the agent is installed. For example, if a workload consists of an interaction between a web service and a backend database (for example, Amazon Relational Database Service (RDS)), the EC2 instance hosting the web service, which also runs the agent, is the local resource.

monitorName
Required: Yes
Type: string

The name of the monitor.

remoteResources
Type: Array of MonitorRemoteResource structures

The remote resources to monitor. A remote resource is the other endpoint in the bi-directional flow of a workload, with a local resource. For example, Amazon Relational Database Service (RDS) can be a remote resource.

scopeArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the scope for the monitor.

tags
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a monitor. You can add a maximum of 200 tags.

Result Syntax

[
    'createdAt' => <DateTime>,
    'localResources' => [
        [
            'identifier' => '<string>',
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet',
        ],
        // ...
    ],
    'modifiedAt' => <DateTime>,
    'monitorArn' => '<string>',
    'monitorName' => '<string>',
    'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
    'remoteResources' => [
        [
            'identifier' => '<string>',
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService',
        ],
        // ...
    ],
    'tags' => ['<string>', ...],
]

Result Details

Members
createdAt
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The date and time when the monitor was created.

localResources
Required: Yes
Type: Array of MonitorLocalResource structures

The local resources to monitor. A local resource, in a bi-directional flow of a workload, is the host where the agent is installed.

modifiedAt
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The last date and time that the monitor was modified.

monitorArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the monitor.

monitorName
Required: Yes
Type: string

The name of the monitor.

monitorStatus
Required: Yes
Type: string

The status of a monitor. The status can be one of the following

  • PENDING: The monitor is in the process of being created.

  • ACTIVE: The monitor is active.

  • INACTIVE: The monitor is inactive.

  • ERROR: Monitor creation failed due to an error.

  • DELETING: The monitor is in the process of being deleted.

remoteResources
Required: Yes
Type: Array of MonitorRemoteResource structures

The remote resources to monitor. A remote resource is the other endpoint in the bi-directional flow of a workload, with a local resource. For example, Amazon Relational Database Service (RDS) can be a remote resource. The remote resource is identified by its ARN or an identifier.

tags
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a monitor.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ConflictException:

The requested resource is in use.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

CreateScope 

$result = $client->createScope([/* ... */]);
$promise = $client->createScopeAsync([/* ... */]);

Create a scope of resources that you want to be available for Network Flow Monitor to generate metrics for, when you have active agents on those resources sending metrics reports to the Network Flow Monitor backend. This call returns a scope ID to identify the scope.

When you create a scope, you enable permissions for Network Flow Monitor. The scope is set to the resources for the Amazon Web Services that enables the feature.

Parameter Syntax

$result = $client->createScope([
    'clientToken' => '<string>',
    'tags' => ['<string>', ...],
    'targets' => [ // REQUIRED
        [
            'region' => '<string>', // REQUIRED
            'targetIdentifier' => [ // REQUIRED
                'targetId' => [ // REQUIRED
                    'accountId' => '<string>',
                ],
                'targetType' => 'ACCOUNT', // REQUIRED
            ],
        ],
        // ...
    ],
]);

Parameter Details

Members
clientToken
Type: string

A unique, case-sensitive string of up to 64 ASCII characters that you specify to make an idempotent API request. Don't reuse the same client token for other API requests.

tags
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a scope. You can add a maximum of 200 tags.

targets
Required: Yes
Type: Array of TargetResource structures

The targets to define the scope to be monitored. Currently, a target is an Amazon Web Services account.

Result Syntax

[
    'scopeArn' => '<string>',
    'scopeId' => '<string>',
    'status' => 'SUCCEEDED|IN_PROGRESS|FAILED',
    'tags' => ['<string>', ...],
]

Result Details

Members
scopeArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the scope.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get metrics for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

status
Required: Yes
Type: string

The status for a call to create a scope. The status can be one of the following: SUCCEEDED, IN_PROGRESS, or FAILED.

tags
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a scope.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ConflictException:

The requested resource is in use.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

DeleteMonitor 

$result = $client->deleteMonitor([/* ... */]);
$promise = $client->deleteMonitorAsync([/* ... */]);

Deletes a monitor in Network Flow Monitor.

Parameter Syntax

$result = $client->deleteMonitor([
    'monitorName' => '<string>', // REQUIRED
]);

Parameter Details

Members
monitorName
Required: Yes
Type: string

The name of the monitor to delete.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

ResourceNotFoundException:

The request specifies a resource that doesn't exist.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

DeleteScope 

$result = $client->deleteScope([/* ... */]);
$promise = $client->deleteScopeAsync([/* ... */]);

Deletes a scope that has been defined.

Parameter Syntax

$result = $client->deleteScope([
    'scopeId' => '<string>', // REQUIRED
]);

Parameter Details

Members
scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

GetMonitor 

$result = $client->getMonitor([/* ... */]);
$promise = $client->getMonitorAsync([/* ... */]);

Gets information about a monitor in Network Flow Monitor based on a monitor name. The information returned includes the Amazon Resource Name (ARN), create time, modified time, resources included in the monitor, and status information.

Parameter Syntax

$result = $client->getMonitor([
    'monitorName' => '<string>', // REQUIRED
]);

Parameter Details

Members
monitorName
Required: Yes
Type: string

The name of the monitor.

Result Syntax

[
    'createdAt' => <DateTime>,
    'localResources' => [
        [
            'identifier' => '<string>',
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet',
        ],
        // ...
    ],
    'modifiedAt' => <DateTime>,
    'monitorArn' => '<string>',
    'monitorName' => '<string>',
    'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
    'remoteResources' => [
        [
            'identifier' => '<string>',
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService',
        ],
        // ...
    ],
    'tags' => ['<string>', ...],
]

Result Details

Members
createdAt
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The date and time when the monitor was created.

localResources
Required: Yes
Type: Array of MonitorLocalResource structures

The local resources for this monitor.

modifiedAt
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The date and time when the monitor was last modified.

monitorArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the monitor.

monitorName
Required: Yes
Type: string

The name of the monitor.

monitorStatus
Required: Yes
Type: string

The status of a monitor. The status can be one of the following

  • PENDING: The monitor is in the process of being created.

  • ACTIVE: The monitor is active.

  • INACTIVE: The monitor is inactive.

  • ERROR: Monitor creation failed due to an error.

  • DELETING: The monitor is in the process of being deleted.

remoteResources
Required: Yes
Type: Array of MonitorRemoteResource structures

The remote resources for this monitor.

tags
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a monitor.

Errors

ResourceNotFoundException:

The request specifies a resource that doesn't exist.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

GetQueryResultsMonitorTopContributors 

$result = $client->getQueryResultsMonitorTopContributors([/* ... */]);
$promise = $client->getQueryResultsMonitorTopContributorsAsync([/* ... */]);

Return the data for a query with the Network Flow Monitor query interface. You specify the query that you want to return results for by providing a query ID and a monitor name. This query returns the top contributors for a specific monitor.

Create a query ID for this call by calling the corresponding API call to start the query, StartQueryMonitorTopContributors. Use the scope ID that was returned for your account by CreateScope.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

Parameter Syntax

$result = $client->getQueryResultsMonitorTopContributors([
    'maxResults' => <integer>,
    'monitorName' => '<string>', // REQUIRED
    'nextToken' => '<string>',
    'queryId' => '<string>', // REQUIRED
]);

Parameter Details

Members
maxResults
Type: int

The number of query results that you want to return with this call.

monitorName
Required: Yes
Type: string

The name of the monitor.

nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

Result Syntax

[
    'nextToken' => '<string>',
    'topContributors' => [
        [
            'destinationCategory' => 'INTRA_AZ|INTER_AZ|INTER_VPC|UNCLASSIFIED|AMAZON_S3|AMAZON_DYNAMODB',
            'dnatIp' => '<string>',
            'kubernetesMetadata' => [
                'localPodName' => '<string>',
                'localPodNamespace' => '<string>',
                'localServiceName' => '<string>',
                'remotePodName' => '<string>',
                'remotePodNamespace' => '<string>',
                'remoteServiceName' => '<string>',
            ],
            'localAz' => '<string>',
            'localInstanceArn' => '<string>',
            'localInstanceId' => '<string>',
            'localIp' => '<string>',
            'localRegion' => '<string>',
            'localSubnetArn' => '<string>',
            'localSubnetId' => '<string>',
            'localVpcArn' => '<string>',
            'localVpcId' => '<string>',
            'remoteAz' => '<string>',
            'remoteInstanceArn' => '<string>',
            'remoteInstanceId' => '<string>',
            'remoteIp' => '<string>',
            'remoteRegion' => '<string>',
            'remoteSubnetArn' => '<string>',
            'remoteSubnetId' => '<string>',
            'remoteVpcArn' => '<string>',
            'remoteVpcId' => '<string>',
            'snatIp' => '<string>',
            'targetPort' => <integer>,
            'traversedConstructs' => [
                [
                    'componentArn' => '<string>',
                    'componentId' => '<string>',
                    'componentType' => '<string>',
                    'serviceName' => '<string>',
                ],
                // ...
            ],
            'value' => <integer>,
        ],
        // ...
    ],
    'unit' => 'Seconds|Microseconds|Milliseconds|Bytes|Kilobytes|Megabytes|Gigabytes|Terabytes|Bits|Kilobits|Megabits|Gigabits|Terabits|Percent|Count|Bytes/Second|Kilobytes/Second|Megabytes/Second|Gigabytes/Second|Terabytes/Second|Bits/Second|Kilobits/Second|Megabits/Second|Gigabits/Second|Terabits/Second|Count/Second|None',
]

Result Details

Members
nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

topContributors
Type: Array of MonitorTopContributorsRow structures

The top contributor network flows overall for a specific metric type, for example, the number of retransmissions.

unit
Type: string

The units for a metric returned by the query.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ResourceNotFoundException:

The request specifies a resource that doesn't exist.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

GetQueryResultsWorkloadInsightsTopContributors 

$result = $client->getQueryResultsWorkloadInsightsTopContributors([/* ... */]);
$promise = $client->getQueryResultsWorkloadInsightsTopContributorsAsync([/* ... */]);

Return the data for a query with the Network Flow Monitor query interface. You specify the query that you want to return results for by providing a query ID and a monitor name. This query returns the top contributors for a specific monitor.

Create a query ID for this call by calling the corresponding API call to start the query, StartQueryWorkloadInsightsTopContributors. Use the scope ID that was returned for your account by CreateScope.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

Parameter Syntax

$result = $client->getQueryResultsWorkloadInsightsTopContributors([
    'maxResults' => <integer>,
    'nextToken' => '<string>',
    'queryId' => '<string>', // REQUIRED
    'scopeId' => '<string>', // REQUIRED
]);

Parameter Details

Members
maxResults
Type: int

The number of query results that you want to return with this call.

nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

Result Syntax

[
    'nextToken' => '<string>',
    'topContributors' => [
        [
            'accountId' => '<string>',
            'localAz' => '<string>',
            'localRegion' => '<string>',
            'localSubnetArn' => '<string>',
            'localSubnetId' => '<string>',
            'localVpcArn' => '<string>',
            'localVpcId' => '<string>',
            'remoteIdentifier' => '<string>',
            'value' => <integer>,
        ],
        // ...
    ],
]

Result Details

Members
nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

topContributors
Type: Array of WorkloadInsightsTopContributorsRow structures

The top contributor network flows overall for a specific metric type, for example, the number of retransmissions.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ResourceNotFoundException:

The request specifies a resource that doesn't exist.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

GetQueryResultsWorkloadInsightsTopContributorsData 

$result = $client->getQueryResultsWorkloadInsightsTopContributorsData([/* ... */]);
$promise = $client->getQueryResultsWorkloadInsightsTopContributorsDataAsync([/* ... */]);

Return the data for a query with the Network Flow Monitor query interface. Specify the query that you want to return results for by providing a query ID and a scope ID. This query returns data for the top contributors for workload insights. Workload insights provide a high level view of network flow performance data collected by agents for a scope.

Create a query ID for this call by calling the corresponding API call to start the query, StartQueryWorkloadInsightsTopContributorsData. Use the scope ID that was returned for your account by CreateScope.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

The top contributor network flows overall for a specific metric type, for example, the number of retransmissions.

Parameter Syntax

$result = $client->getQueryResultsWorkloadInsightsTopContributorsData([
    'maxResults' => <integer>,
    'nextToken' => '<string>',
    'queryId' => '<string>', // REQUIRED
    'scopeId' => '<string>', // REQUIRED
]);

Parameter Details

Members
maxResults
Type: int

The number of query results that you want to return with this call.

nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

Result Syntax

[
    'datapoints' => [
        [
            'label' => '<string>',
            'timestamps' => [<DateTime>, ...],
            'values' => [<float>, ...],
        ],
        // ...
    ],
    'nextToken' => '<string>',
    'unit' => 'Seconds|Microseconds|Milliseconds|Bytes|Kilobytes|Megabytes|Gigabytes|Terabytes|Bits|Kilobits|Megabits|Gigabits|Terabits|Percent|Count|Bytes/Second|Kilobytes/Second|Megabytes/Second|Gigabytes/Second|Terabytes/Second|Bits/Second|Kilobits/Second|Megabits/Second|Gigabits/Second|Terabits/Second|Count/Second|None',
]

Result Details

Members
datapoints
Required: Yes
Type: Array of WorkloadInsightsTopContributorsDataPoint structures

The datapoints returned by the query.

nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

unit
Required: Yes
Type: string

The units for a metric returned by the query.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ResourceNotFoundException:

The request specifies a resource that doesn't exist.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

GetQueryStatusMonitorTopContributors 

$result = $client->getQueryStatusMonitorTopContributors([/* ... */]);
$promise = $client->getQueryStatusMonitorTopContributorsAsync([/* ... */]);

Returns the current status of a query for the Network Flow Monitor query interface, for a specified query ID and monitor. This call returns the query status for the top contributors for a monitor.

When you start a query, use this call to check the status of the query to make sure that it has has SUCCEEDED before you review the results. Use the same query ID that you used for the corresponding API call to start the query, StartQueryMonitorTopContributors.

When you run a query, use this call to check the status of the query to make sure that the query has SUCCEEDED before you review the results.

Parameter Syntax

$result = $client->getQueryStatusMonitorTopContributors([
    'monitorName' => '<string>', // REQUIRED
    'queryId' => '<string>', // REQUIRED
]);

Parameter Details

Members
monitorName
Required: Yes
Type: string

The name of the monitor.

queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

Result Syntax

[
    'status' => 'QUEUED|RUNNING|SUCCEEDED|FAILED|CANCELED',
]

Result Details

Members
status
Required: Yes
Type: string

When you run a query, use this call to check the status of the query to make sure that the query has SUCCEEDED before you review the results.

  • QUEUED: The query is scheduled to run.

  • RUNNING: The query is in progress but not complete.

  • SUCCEEDED: The query completed sucessfully.

  • FAILED: The query failed due to an error.

  • CANCELED: The query was canceled.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

GetQueryStatusWorkloadInsightsTopContributors 

$result = $client->getQueryStatusWorkloadInsightsTopContributors([/* ... */]);
$promise = $client->getQueryStatusWorkloadInsightsTopContributorsAsync([/* ... */]);

Return the data for a query with the Network Flow Monitor query interface. Specify the query that you want to return results for by providing a query ID and a monitor name. This query returns the top contributors for workload insights.

When you start a query, use this call to check the status of the query to make sure that it has has SUCCEEDED before you review the results. Use the same query ID that you used for the corresponding API call to start the query, StartQueryWorkloadInsightsTopContributors.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

Parameter Syntax

$result = $client->getQueryStatusWorkloadInsightsTopContributors([
    'queryId' => '<string>', // REQUIRED
    'scopeId' => '<string>', // REQUIRED
]);

Parameter Details

Members
queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

Result Syntax

[
    'status' => 'QUEUED|RUNNING|SUCCEEDED|FAILED|CANCELED',
]

Result Details

Members
status
Required: Yes
Type: string

When you run a query, use this call to check the status of the query to make sure that the query has SUCCEEDED before you review the results.

  • QUEUED: The query is scheduled to run.

  • RUNNING: The query is in progress but not complete.

  • SUCCEEDED: The query completed sucessfully.

  • FAILED: The query failed due to an error.

  • CANCELED: The query was canceled.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

GetQueryStatusWorkloadInsightsTopContributorsData 

$result = $client->getQueryStatusWorkloadInsightsTopContributorsData([/* ... */]);
$promise = $client->getQueryStatusWorkloadInsightsTopContributorsDataAsync([/* ... */]);

Returns the current status of a query for the Network Flow Monitor query interface, for a specified query ID and monitor. This call returns the query status for the top contributors data for workload insights.

When you start a query, use this call to check the status of the query to make sure that it has has SUCCEEDED before you review the results. Use the same query ID that you used for the corresponding API call to start the query, StartQueryWorkloadInsightsTopContributorsData.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

The top contributor network flows overall for a specific metric type, for example, the number of retransmissions.

Parameter Syntax

$result = $client->getQueryStatusWorkloadInsightsTopContributorsData([
    'queryId' => '<string>', // REQUIRED
    'scopeId' => '<string>', // REQUIRED
]);

Parameter Details

Members
queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account. A scope ID is returned from a CreateScope API call.

Result Syntax

[
    'status' => 'QUEUED|RUNNING|SUCCEEDED|FAILED|CANCELED',
]

Result Details

Members
status
Required: Yes
Type: string

The status of a query for top contributors data.

  • QUEUED: The query is scheduled to run.

  • RUNNING: The query is in progress but not complete.

  • SUCCEEDED: The query completed sucessfully.

  • FAILED: The query failed due to an error.

  • CANCELED: The query was canceled.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

GetScope 

$result = $client->getScope([/* ... */]);
$promise = $client->getScopeAsync([/* ... */]);

Gets information about a scope, including the name, status, tags, and target details. The scope in Network Flow Monitor is an account.

Parameter Syntax

$result = $client->getScope([
    'scopeId' => '<string>', // REQUIRED
]);

Parameter Details

Members
scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account. A scope ID is returned from a CreateScope API call.

Result Syntax

[
    'scopeArn' => '<string>',
    'scopeId' => '<string>',
    'status' => 'SUCCEEDED|IN_PROGRESS|FAILED',
    'tags' => ['<string>', ...],
    'targets' => [
        [
            'region' => '<string>',
            'targetIdentifier' => [
                'targetId' => [
                    'accountId' => '<string>',
                ],
                'targetType' => 'ACCOUNT',
            ],
        ],
        // ...
    ],
]

Result Details

Members
scopeArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the scope.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account. A scope ID is returned from a CreateScope API call.

status
Required: Yes
Type: string

The status of a scope. The status can be one of the following: SUCCEEDED, IN_PROGRESS, or FAILED.

tags
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a scope.

targets
Required: Yes
Type: Array of TargetResource structures

The targets for a scope

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

ListMonitors 

$result = $client->listMonitors([/* ... */]);
$promise = $client->listMonitorsAsync([/* ... */]);

List all monitors in an account. Optionally, you can list only monitors that have a specific status, by using the STATUS parameter.

Parameter Syntax

$result = $client->listMonitors([
    'maxResults' => <integer>,
    'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
    'nextToken' => '<string>',
]);

Parameter Details

Members
maxResults
Type: int

The number of query results that you want to return with this call.

monitorStatus
Type: string

The status of a monitor. The status can be one of the following

  • PENDING: The monitor is in the process of being created.

  • ACTIVE: The monitor is active.

  • INACTIVE: The monitor is inactive.

  • ERROR: Monitor creation failed due to an error.

  • DELETING: The monitor is in the process of being deleted.

nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

Result Syntax

[
    'monitors' => [
        [
            'monitorArn' => '<string>',
            'monitorName' => '<string>',
            'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
        ],
        // ...
    ],
    'nextToken' => '<string>',
]

Result Details

Members
monitors
Required: Yes
Type: Array of MonitorSummary structures

The monitors that are in an account.

nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

Errors

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

ListScopes 

$result = $client->listScopes([/* ... */]);
$promise = $client->listScopesAsync([/* ... */]);

List all the scopes for an account.

Parameter Syntax

$result = $client->listScopes([
    'maxResults' => <integer>,
    'nextToken' => '<string>',
]);

Parameter Details

Members
maxResults
Type: int

The number of query results that you want to return with this call.

nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

Result Syntax

[
    'nextToken' => '<string>',
    'scopes' => [
        [
            'scopeArn' => '<string>',
            'scopeId' => '<string>',
            'status' => 'SUCCEEDED|IN_PROGRESS|FAILED',
        ],
        // ...
    ],
]

Result Details

Members
nextToken
Type: string

The token for the next set of results. You receive this token from a previous call.

scopes
Required: Yes
Type: Array of ScopeSummary structures

The scopes returned by the call.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

ListTagsForResource 

$result = $client->listTagsForResource([/* ... */]);
$promise = $client->listTagsForResourceAsync([/* ... */]);

Returns all the tags for a resource.

Parameter Syntax

$result = $client->listTagsForResource([
    'resourceArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
resourceArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the resource.

Result Syntax

[
    'tags' => ['<string>', ...],
]

Result Details

Members
tags
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a resource.

Errors

ResourceNotFoundException:

The request specifies a resource that doesn't exist.

ConflictException:

The requested resource is in use.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

StartQueryMonitorTopContributors 

$result = $client->startQueryMonitorTopContributors([/* ... */]);
$promise = $client->startQueryMonitorTopContributorsAsync([/* ... */]);

Start a query to return the data with the Network Flow Monitor query interface. Specify the query that you want to return results for by providing a query ID and a monitor name. This query returns the top contributors for a specific monitor.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

Parameter Syntax

$result = $client->startQueryMonitorTopContributors([
    'destinationCategory' => 'INTRA_AZ|INTER_AZ|INTER_VPC|UNCLASSIFIED|AMAZON_S3|AMAZON_DYNAMODB', // REQUIRED
    'endTime' => <integer || string || DateTime>, // REQUIRED
    'limit' => <integer>,
    'metricName' => 'ROUND_TRIP_TIME|TIMEOUTS|RETRANSMISSIONS|DATA_TRANSFERRED', // REQUIRED
    'monitorName' => '<string>', // REQUIRED
    'startTime' => <integer || string || DateTime>, // REQUIRED
]);

Parameter Details

Members
destinationCategory
Required: Yes
Type: string

The category that you want to query top contributors for, for a specific monitor. Destination categories can be one of the following:

  • INTRA_AZ: Top contributor network flows within a single Availability Zone

  • INTER_AZ: Top contributor network flows between Availability Zones

  • INTER_VPC: Top contributor network flows between VPCs

  • AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services

  • UNCLASSIFIED: Top contributor network flows that do not have a bucket classification

endTime
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp that is the date and time end of the period that you want to retrieve results for with your query.

limit
Type: int

The maximum number of top contributors to return.

metricName
Required: Yes
Type: string

The metric that you want to query top contributors for. That is, you can specify this metric to return the top contributor network flows, for this type of metric, for a monitor and (optionally) within a specific category, such as network flows between Availability Zones.

monitorName
Required: Yes
Type: string

The name of the monitor.

startTime
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp that is the date and time beginning of the period that you want to retrieve results for with your query.

Result Syntax

[
    'queryId' => '<string>',
]

Result Details

Members
queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

StartQueryWorkloadInsightsTopContributors 

$result = $client->startQueryWorkloadInsightsTopContributors([/* ... */]);
$promise = $client->startQueryWorkloadInsightsTopContributorsAsync([/* ... */]);

Start a query to return the data with the Network Flow Monitor query interface. Specify the query that you want to start by providing a query ID and a monitor name. This query returns the top contributors for a specific monitor.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

Parameter Syntax

$result = $client->startQueryWorkloadInsightsTopContributors([
    'destinationCategory' => 'INTRA_AZ|INTER_AZ|INTER_VPC|UNCLASSIFIED|AMAZON_S3|AMAZON_DYNAMODB', // REQUIRED
    'endTime' => <integer || string || DateTime>, // REQUIRED
    'limit' => <integer>,
    'metricName' => 'TIMEOUTS|RETRANSMISSIONS|DATA_TRANSFERRED', // REQUIRED
    'scopeId' => '<string>', // REQUIRED
    'startTime' => <integer || string || DateTime>, // REQUIRED
]);

Parameter Details

Members
destinationCategory
Required: Yes
Type: string

The destination category for a top contributors row. Destination categories can be one of the following:

  • INTRA_AZ: Top contributor network flows within a single Availability Zone

  • INTER_AZ: Top contributor network flows between Availability Zones

  • INTER_VPC: Top contributor network flows between VPCs

  • AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services

  • UNCLASSIFIED: Top contributor network flows that do not have a bucket classification

endTime
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp that is the date and time end of the period that you want to retrieve results for with your query.

limit
Type: int

The maximum number of top contributors to return.

metricName
Required: Yes
Type: string

The metric that you want to query top contributors for. That is, you can specify this metric to return the top contributor network flows, for this type of metric, for a monitor and (optionally) within a specific category, such as network flows between Availability Zones.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account. A scope ID is returned from a CreateScope API call.

startTime
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp that is the date and time beginning of the period that you want to retrieve results for with your query.

Result Syntax

[
    'queryId' => '<string>',
]

Result Details

Members
queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

StartQueryWorkloadInsightsTopContributorsData 

$result = $client->startQueryWorkloadInsightsTopContributorsData([/* ... */]);
$promise = $client->startQueryWorkloadInsightsTopContributorsDataAsync([/* ... */]);

Return the data for a query with the Network Flow Monitor query interface. Specify the query that you want to return results for by providing a query ID and a scope ID. This query returns data for the top contributors for workload insights. Workload insights provide a high level view of network flow performance data collected by agents for a scope.

A query ID is returned from an API call to start a query of a specific type; for example

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

The top contributor network flows overall for a specific metric type, for example, the number of retransmissions.

Parameter Syntax

$result = $client->startQueryWorkloadInsightsTopContributorsData([
    'destinationCategory' => 'INTRA_AZ|INTER_AZ|INTER_VPC|UNCLASSIFIED|AMAZON_S3|AMAZON_DYNAMODB', // REQUIRED
    'endTime' => <integer || string || DateTime>, // REQUIRED
    'metricName' => 'TIMEOUTS|RETRANSMISSIONS|DATA_TRANSFERRED', // REQUIRED
    'scopeId' => '<string>', // REQUIRED
    'startTime' => <integer || string || DateTime>, // REQUIRED
]);

Parameter Details

Members
destinationCategory
Required: Yes
Type: string

The destination category for a top contributors. Destination categories can be one of the following:

  • INTRA_AZ: Top contributor network flows within a single Availability Zone

  • INTER_AZ: Top contributor network flows between Availability Zones

  • INTER_VPC: Top contributor network flows between VPCs

  • AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services

  • UNCLASSIFIED: Top contributor network flows that do not have a bucket classification

endTime
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp that is the date and time end of the period that you want to retrieve results for with your query.

metricName
Required: Yes
Type: string

The metric that you want to query top contributors for. That is, you can specify this metric to return the top contributor network flows, for this type of metric, for a monitor and (optionally) within a specific category, such as network flows between Availability Zones.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

startTime
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp that is the date and time beginning of the period that you want to retrieve results for with your query.

Result Syntax

[
    'queryId' => '<string>',
]

Result Details

Members
queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

StopQueryMonitorTopContributors 

$result = $client->stopQueryMonitorTopContributors([/* ... */]);
$promise = $client->stopQueryMonitorTopContributorsAsync([/* ... */]);

Stop a query with the Network Flow Monitor query interface. Specify the query that you want to stop by providing a query ID and a monitor name. This query returns the top contributors for a specific monitor.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

Parameter Syntax

$result = $client->stopQueryMonitorTopContributors([
    'monitorName' => '<string>', // REQUIRED
    'queryId' => '<string>', // REQUIRED
]);

Parameter Details

Members
monitorName
Required: Yes
Type: string

The name of the monitor.

queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

StopQueryWorkloadInsightsTopContributors 

$result = $client->stopQueryWorkloadInsightsTopContributors([/* ... */]);
$promise = $client->stopQueryWorkloadInsightsTopContributorsAsync([/* ... */]);

Stop a query with the Network Flow Monitor query interface. Specify the query that you want to stop by providing a query ID and a monitor name. This query returns the top contributors for a specific monitor.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

Parameter Syntax

$result = $client->stopQueryWorkloadInsightsTopContributors([
    'queryId' => '<string>', // REQUIRED
    'scopeId' => '<string>', // REQUIRED
]);

Parameter Details

Members
queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

StopQueryWorkloadInsightsTopContributorsData 

$result = $client->stopQueryWorkloadInsightsTopContributorsData([/* ... */]);
$promise = $client->stopQueryWorkloadInsightsTopContributorsDataAsync([/* ... */]);

Return the data for a query with the Network Flow Monitor query interface. Specify the query that you want to return results for by providing a query ID and a scope ID. This query returns data for the top contributors for workload insights. Workload insights provide a high level view of network flow performance data collected by agents for a scope.

Top contributors in Network Flow Monitor are network flows with the highest values for a specific metric type, related to a scope (for workload insights) or a monitor.

The top contributor network flows overall for a specific metric type, for example, the number of retransmissions.

Parameter Syntax

$result = $client->stopQueryWorkloadInsightsTopContributorsData([
    'queryId' => '<string>', // REQUIRED
    'scopeId' => '<string>', // REQUIRED
]);

Parameter Details

Members
queryId
Required: Yes
Type: string

The identifier for the query. A query ID is an internally-generated identifier for a specific query returned from an API call to start a query.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

TagResource 

$result = $client->tagResource([/* ... */]);
$promise = $client->tagResourceAsync([/* ... */]);

Adds a tag to a resource.

Parameter Syntax

$result = $client->tagResource([
    'resourceArn' => '<string>', // REQUIRED
    'tags' => ['<string>', ...], // REQUIRED
]);

Parameter Details

Members
resourceArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the resource.

tags
Required: Yes
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a resource.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

ResourceNotFoundException:

The request specifies a resource that doesn't exist.

ConflictException:

The requested resource is in use.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

UntagResource 

$result = $client->untagResource([/* ... */]);
$promise = $client->untagResourceAsync([/* ... */]);

Removes a tag from a resource.

Parameter Syntax

$result = $client->untagResource([
    'resourceArn' => '<string>', // REQUIRED
    'tagKeys' => ['<string>', ...], // REQUIRED
]);

Parameter Details

Members
resourceArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the resource.

tagKeys
Required: Yes
Type: Array of strings

Keys that you specified when you tagged a resource.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

ResourceNotFoundException:

The request specifies a resource that doesn't exist.

ConflictException:

The requested resource is in use.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

UpdateMonitor 

$result = $client->updateMonitor([/* ... */]);
$promise = $client->updateMonitorAsync([/* ... */]);

Update a monitor to add or remove local or remote resources.

Parameter Syntax

$result = $client->updateMonitor([
    'clientToken' => '<string>',
    'localResourcesToAdd' => [
        [
            'identifier' => '<string>', // REQUIRED
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet', // REQUIRED
        ],
        // ...
    ],
    'localResourcesToRemove' => [
        [
            'identifier' => '<string>', // REQUIRED
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet', // REQUIRED
        ],
        // ...
    ],
    'monitorName' => '<string>', // REQUIRED
    'remoteResourcesToAdd' => [
        [
            'identifier' => '<string>', // REQUIRED
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService', // REQUIRED
        ],
        // ...
    ],
    'remoteResourcesToRemove' => [
        [
            'identifier' => '<string>', // REQUIRED
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService', // REQUIRED
        ],
        // ...
    ],
]);

Parameter Details

Members
clientToken
Type: string

A unique, case-sensitive string of up to 64 ASCII characters that you specify to make an idempotent API request. Don't reuse the same client token for other API requests.

localResourcesToAdd
Type: Array of MonitorLocalResource structures

The local resources to add, as an array of resources with identifiers and types.

localResourcesToRemove
Type: Array of MonitorLocalResource structures

The local resources to remove, as an array of resources with identifiers and types.

monitorName
Required: Yes
Type: string

The name of the monitor.

remoteResourcesToAdd
Type: Array of MonitorRemoteResource structures

The remove resources to add, as an array of resources with identifiers and types.

remoteResourcesToRemove
Type: Array of MonitorRemoteResource structures

The remove resources to remove, as an array of resources with identifiers and types.

Result Syntax

[
    'createdAt' => <DateTime>,
    'localResources' => [
        [
            'identifier' => '<string>',
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet',
        ],
        // ...
    ],
    'modifiedAt' => <DateTime>,
    'monitorArn' => '<string>',
    'monitorName' => '<string>',
    'monitorStatus' => 'PENDING|ACTIVE|INACTIVE|ERROR|DELETING',
    'remoteResources' => [
        [
            'identifier' => '<string>',
            'type' => 'AWS::EC2::VPC|AWS::AvailabilityZone|AWS::EC2::Subnet|AWS::AWSService',
        ],
        // ...
    ],
    'tags' => ['<string>', ...],
]

Result Details

Members
createdAt
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The date and time when the monitor was created.

localResources
Required: Yes
Type: Array of MonitorLocalResource structures

The local resources updated for a monitor, as an array of resources with identifiers and types.

modifiedAt
Required: Yes
Type: timestamp (string|DateTime or anything parsable by strtotime)

The last date and time that the monitor was modified.

monitorArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the monitor.

monitorName
Required: Yes
Type: string

The name of the monitor.

monitorStatus
Required: Yes
Type: string

The status of a monitor. The status can be one of the following

  • PENDING: The monitor is in the process of being created.

  • ACTIVE: The monitor is active.

  • INACTIVE: The monitor is inactive.

  • ERROR: Monitor creation failed due to an error.

  • DELETING: The monitor is in the process of being deleted.

remoteResources
Required: Yes
Type: Array of MonitorRemoteResource structures

The remote resources updated for a monitor, as an array of resources with identifiers and types.

tags
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a monitor.

Errors

ResourceNotFoundException:

The request specifies a resource that doesn't exist.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

UpdateScope 

$result = $client->updateScope([/* ... */]);
$promise = $client->updateScopeAsync([/* ... */]);

Update a scope to add or remove resources that you want to be available for Network Flow Monitor to generate metrics for, when you have active agents on those resources sending metrics reports to the Network Flow Monitor backend.

Parameter Syntax

$result = $client->updateScope([
    'resourcesToAdd' => [
        [
            'region' => '<string>', // REQUIRED
            'targetIdentifier' => [ // REQUIRED
                'targetId' => [ // REQUIRED
                    'accountId' => '<string>',
                ],
                'targetType' => 'ACCOUNT', // REQUIRED
            ],
        ],
        // ...
    ],
    'resourcesToDelete' => [
        [
            'region' => '<string>', // REQUIRED
            'targetIdentifier' => [ // REQUIRED
                'targetId' => [ // REQUIRED
                    'accountId' => '<string>',
                ],
                'targetType' => 'ACCOUNT', // REQUIRED
            ],
        ],
        // ...
    ],
    'scopeId' => '<string>', // REQUIRED
]);

Parameter Details

Members
resourcesToAdd
Type: Array of TargetResource structures

A list of resources to add to a scope.

resourcesToDelete
Type: Array of TargetResource structures

A list of resources to delete from a scope.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

Result Syntax

[
    'scopeArn' => '<string>',
    'scopeId' => '<string>',
    'status' => 'SUCCEEDED|IN_PROGRESS|FAILED',
    'tags' => ['<string>', ...],
]

Result Details

Members
scopeArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the scope.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

status
Required: Yes
Type: string

The status for a call to update a scope. The status can be one of the following: SUCCEEDED, IN_PROGRESS, or FAILED.

tags
Type: Associative array of custom strings keys (TagKey) to strings

The tags for a scope.

Errors

ServiceQuotaExceededException:

The request exceeded a service quota.

ValidationException:

Invalid request.

ThrottlingException:

The request was denied due to request throttling.

AccessDeniedException:

You don't have sufficient permission to perform this action.

InternalServerException:

An internal error occurred.

Shapes

AccessDeniedException

Description

You don't have sufficient permission to perform this action.

Members
message
Type: string

ConflictException

Description

The requested resource is in use.

Members
message
Type: string

InternalServerException

Description

An internal error occurred.

Members
message
Type: string

KubernetesMetadata

Description

Meta data about Kubernetes resources.

Members
localPodName
Type: string

The name of the pod for a local resource.

localPodNamespace
Type: string

The namespace of the pod for a local resource.

localServiceName
Type: string

The service name for a local resource.

remotePodName
Type: string

The name of the pod for a remote resource.

remotePodNamespace
Type: string

The namespace of the pod for a remote resource.

remoteServiceName
Type: string

The service name for a remote resource.

MonitorLocalResource

Description

A local resource is the host where the agent is installed. Local resources can be a a subnet, a VPC, or an Availability Zone.

Members
identifier
Required: Yes
Type: string

The identifier of the local resource, such as an ARN.

type
Required: Yes
Type: string

The type of the local resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone or AWS::EC2::Subnet.

MonitorRemoteResource

Description

A remote resource is the other endpoint in a network flow. That is, one endpoint is the local resource and the other is the remote resource. Remote resources can be a a subnet, a VPC, an Availability Zone, or an Amazon Web Services service.

Members
identifier
Required: Yes
Type: string

The identifier of the remote resource, such as an ARN.

type
Required: Yes
Type: string

The type of the remote resource. Valid values are AWS::EC2::VPC AWS::AvailabilityZone, AWS::EC2::Subnet, or AWS::AWSService.

MonitorSummary

Description

A summary of information about a monitor, includ the ARN, the name, and the status.

Members
monitorArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the monitor.

monitorName
Required: Yes
Type: string

The name of the monitor.

monitorStatus
Required: Yes
Type: string

The status of a monitor. The status can be one of the following

  • PENDING: The monitor is in the process of being created.

  • ACTIVE: The monitor is active.

  • INACTIVE: The monitor is inactive.

  • ERROR: Monitor creation failed due to an error.

  • DELETING: The monitor is in the process of being deleted.

MonitorTopContributorsRow

Description

A set of information for a top contributor network flow in a monitor. In a monitor, Network Flow Monitor returns information about the network flows for top contributors for each metric. Top contributors are network flows with the top values for each metric type.

Members
destinationCategory
Type: string

The destination category for a top contributors row. Destination categories can be one of the following:

  • INTRA_AZ: Top contributor network flows within a single Availability Zone

  • INTER_AZ: Top contributor network flows between Availability Zones

  • INTER_VPC: Top contributor network flows between VPCs

  • AWS_SERVICES: Top contributor network flows to or from Amazon Web Services services

  • UNCLASSIFIED: Top contributor network flows that do not have a bucket classification

dnatIp
Type: string

The destination network address translation (DNAT) IP address for a top contributor network flow.

kubernetesMetadata
Type: KubernetesMetadata structure

Meta data about Kubernetes resources.

localAz
Type: string

The Availability Zone for the local resource for a top contributor network flow.

localInstanceArn
Type: string

The Amazon Resource Name (ARN) of a local resource.

localInstanceId
Type: string

The instance identifier for the local resource for a top contributor network flow.

localIp
Type: string

The IP address of the local resource for a top contributor network flow.

localRegion
Type: string

The Amazon Web Services Region for the local resource for a top contributor network flow.

localSubnetArn
Type: string

The Amazon Resource Name (ARN) of a local subnet.

localSubnetId
Type: string

The subnet ID for the local resource for a top contributor network flow.

localVpcArn
Type: string

The Amazon Resource Name (ARN) of a local VPC.

localVpcId
Type: string

The VPC ID for a top contributor network flow for the local resource.

remoteAz
Type: string

The Availability Zone for the remote resource for a top contributor network flow.

remoteInstanceArn
Type: string

The Amazon Resource Name (ARN) of a remote resource.

remoteInstanceId
Type: string

The instance identifier for the remote resource for a top contributor network flow.

remoteIp
Type: string

The IP address of the remote resource for a top contributor network flow.

remoteRegion
Type: string

The Amazon Web Services Region for the remote resource for a top contributor network flow.

remoteSubnetArn
Type: string

The Amazon Resource Name (ARN) of a remote subnet.

remoteSubnetId
Type: string

The subnet ID for the remote resource for a top contributor network flow.

remoteVpcArn
Type: string

The Amazon Resource Name (ARN) of a remote VPC.

remoteVpcId
Type: string

The VPC ID for a top contributor network flow for the remote resource.

snatIp
Type: string

The secure network address translation (SNAT) IP address for a top contributor network flow.

targetPort
Type: int

The target port.

traversedConstructs
Type: Array of TraversedComponent structures

The constructs traversed by a network flow.

value
Type: long (int|float)

The value of the metric for a top contributor network flow.

ResourceNotFoundException

Description

The request specifies a resource that doesn't exist.

Members
message
Type: string

ScopeSummary

Description

A summary of information about a scope, including the ARN, target ID, and Amazon Web Services Region.

Members
scopeArn
Required: Yes
Type: string

The Amazon Resource Name (ARN) of the scope.

scopeId
Required: Yes
Type: string

The identifier for the scope that includes the resources you want to get data results for. A scope ID is an internally-generated identifier that includes all the resources for a specific root account.

status
Required: Yes
Type: string

The status of a scope. The status can be one of the following, depending on the state of scope creation: SUCCEEDED, IN_PROGRESS, or FAILED.

ServiceQuotaExceededException

Description

The request exceeded a service quota.

Members
message
Type: string

TargetId

Description

A target ID is an internally-generated identifier for a target. A target allows you to identify all the resources in a Network Flow Monitor scope. Currently, a target is always an Amazon Web Services account.

Members
accountId
Type: string

The identifier for the account for a target.

TargetIdentifier

Description

A target identifier is a pair of identifying information for a resource that is included in a target. A target identifier includes the target ID and the target type.

Members
targetId
Required: Yes
Type: TargetId structure

The identifier for a target.

targetType
Required: Yes
Type: string

The type of a target. A target type is currently always ACCOUNT because a target is currently a single Amazon Web Services account.

TargetResource

Description

A target resource in a scope. The resource is identified by a Region and a target identifier, which includes a target ID and a target type.

Members
region
Required: Yes
Type: string

The Amazon Web Services Region where the target resource is located.

targetIdentifier
Required: Yes
Type: TargetIdentifier structure

A target identifier is a pair of identifying information for a resource that is included in a target. A target identifier includes the target ID and the target type.

ThrottlingException

Description

The request was denied due to request throttling.

Members
message
Type: string

TraversedComponent

Description

A section of the network that a network flow has traveled through.

Members
componentArn
Type: string

The Amazon Resource Name (ARN) of a tranversed component.

componentId
Type: string

The identifier for the traversed component.

componentType
Type: string

The type of component that was traversed.

serviceName
Type: string

The service name for the traversed component.

ValidationException

Description

Invalid request.

Members
message
Type: string

WorkloadInsightsTopContributorsDataPoint

Description

A data point for a top contributor network flow in a scope. Network Flow Monitor returns information about the network flows with the top values for each metric type, which are called top contributors.

Members
label
Required: Yes
Type: string

The label identifying the data point.

timestamps
Required: Yes
Type: Array of timestamp (string|DateTime or anything parsable by strtotime)s

An array of the timestamps for the data point.

values
Required: Yes
Type: Array of doubles

The values for the data point.

WorkloadInsightsTopContributorsRow

Description

A row for a top contributor for a scope.

Members
accountId
Type: string

The account ID for a specific row of data.

localAz
Type: string

The identifier for the Availability Zone where the local resource is located.

localRegion
Type: string

The Amazon Web Services Region where the local resource is located.

localSubnetArn
Type: string

The Amazon Resource Name (ARN) of a local subnet.

localSubnetId
Type: string

The subnet identifier for the local resource.

localVpcArn
Type: string

The Amazon Resource Name (ARN) of a local VPC.

localVpcId
Type: string

The identifier for the VPC for the local resource.

remoteIdentifier
Type: string

The identifier of a remote resource.

value
Type: long (int|float)

The value for a metric.