AWS CloudWatch now supports simplified cross-account log centralization through organizational rules. Set up a delegated administrator in your logging account, create rules based on account IDs, organizational units, or entire organizations, and automatically copy logs across accounts and regions. Logs include @aws.account and @aws.region fields for filtering in Logs Insights. The first copy is free, with subsequent copies costing $0.05/GB. Note that log group settings like retention policies are not preserved and must be reapplied separately.
Table of contents
You Need an Organization to Set up RulesCreating Your First RuleLogs have the fields @aws.account and @aws.regionAdditional Settings like Retention Are Stripped ofPricingSort: