AWS Security ChangesHomeSearch

AWS AmazonCloudWatch documentation change

Service: AmazonCloudWatch · 2026-04-19 · Documentation low

File: AmazonCloudWatch/latest/monitoring/data-sources.md

Summary

Completely restructured the data sources documentation, replacing detailed breakdown of three data source types with a concise overview and reference to telemetry configuration

Security assessment

The change reorganizes documentation content but doesn't address any security vulnerabilities or add new security features. It mentions 'security insights' in passing but this is part of general observability context, not a security-specific addition.

Diff

diff --git a/AmazonCloudWatch/latest/monitoring/data-sources.md b/AmazonCloudWatch/latest/monitoring/data-sources.md
index b06919bd1..a089b9ee6 100644
--- a//AmazonCloudWatch/latest/monitoring/data-sources.md
+++ b//AmazonCloudWatch/latest/monitoring/data-sources.md
@@ -7,28 +7 @@
-# Data sources
-
-CloudWatch pipelines supports three types of data:
-
-  * **AWS services logs through CloudWatch Logs**
-
-When an AWS service source is selected, CloudWatch pipelines intercepts logs ingested into CloudWatch Logs for processing. Processing of vended AWS service data occurs at the Log Source and Source Type level through CloudWatch Logs data sources. To get started enable logging of vended logs for the supported AWS services using the service’s console and then select the data source and type in the CloudWatch pipelines creation wizard. For more information about CloudWatch Logs data sources, see [Data source discovery and management](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/data-source-discovery-management.html).
-
-AWS vended sources provide _native integration_ with AWS services for automatic data collection. For a list of data source names and types, see [Supported AWS services for data sources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/supported-aws-services-data-sources.html).
-
-  * **Third-party log data through integration**
-
-Third-party log data can extend monitoring capabilities to support identity and access management as well as endpoint and network security. CloudWatch pipelines manages collection of data from third-party platforms through either direct API integration or an S3 bucket integration. For more details, see [Third-party data sources integration](./third-party-integration-setup.html). For a list of data source names and types, see [Supported third-party sources for data sources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/supported-third-party-sources-data-sources.html).
-
-Third-party integration sent through Security Hub CSPM is also supported. For comprehensive information about Security Hub's third-party integrations, including supported partners and integration configurations with "Sends findings" direction, refer to the [Security Hub Third-Party Integration documentation](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html).
-
-  * **Custom logs through CloudWatch Logs or S3 buckets**
-
-CloudWatch pipelines can process custom Logs stored in CloudWatch Logs or S3 buckets. Custom sources accommodate unique organizational requirements:
-
-    * **Application-specific logs** – Custom application telemetry from EC2 instances with specialized logging formats
-
-    * **File-based ingestion** – S3-based log files from legacy systems or batch processing workflows
-
-    * **Serverless integration** – Lambda function logs and custom serverless application telemetry
-
-For more details, see [Custom log data from CloudWatch Logs or an Amazon S3 bucket](./ingestion-custom-data-sources.html). 
-
+# Supported data sources for CloudWatch
@@ -35,0 +9 @@ For more details, see [Custom log data from CloudWatch Logs or an Amazon S3 buck
+CloudWatch collects and processes telemetry data from a wide range of sources to provide unified observability and security insights. Data sources fall into three categories: AWS native services, third-party platforms, and custom sources.
@@ -36,0 +11 @@ For more details, see [Custom log data from CloudWatch Logs or an Amazon S3 buck
+You can automate the enablement of AWS data sources using telemetry configuration. For more information, see [Telemetry discovery and enablement](./telemetry-config-cloudwatch.html).
@@ -59 +34 @@ Managing pipelines
-Third-party data sources integration
+AWS service data sources