AWS AmazonCloudWatch documentation change
Summary
Updated service-linked role policy to include EC2 detailed monitoring permissions and added policy update note
Security assessment
Routine update to permissions documentation for telemetry configuration capabilities, no explicit security context provided.
Diff
diff --git a/AmazonCloudWatch/latest/monitoring/using-service-linked-roles.md b/AmazonCloudWatch/latest/monitoring/using-service-linked-roles.md index da8b582fc..9c86e11d6 100644 --- a//AmazonCloudWatch/latest/monitoring/using-service-linked-roles.md +++ b//AmazonCloudWatch/latest/monitoring/using-service-linked-roles.md @@ -206 +206 @@ This policy grants permissions for: - * Basic telemetry operations including describing VPCs, flow logs, log groups. It also includes permissions to enable logging configuration for EKS cluster logging, WAF put logging configuration, enabling NLB logs as well as Route53 Resolver query logging. + * Basic telemetry operations including describing VPCs, flow logs, log groups. It also includes permissions to enable logging configuration for EKS cluster logging, WAF put logging configuration, enabling NLB logs, Route53 Resolver query logging, and Amazon EC2 detailed monitoring. @@ -632,0 +633 @@ Change | Description | Date +AWSObservabilityAdminTelemetryEnablementServiceRolePolicy – Update to service-linked role policy. | Updated information about the AWSObservabilityAdminTelemetryEnablementServiceRolePolicy that grants CloudWatch the permissions necessary to enable and manage telemetry configurations for the additional AWS resources based on telemetry rules. | March 10, 2026