
feat(cloudwatch): add account id field for log query and metric widgets to support cross account visibility #34793


Merged
merged 6 commits into from
Jun 30, 2025

Conversation

ozelalisen
Member

@ozelalisen ozelalisen commented Jun 23, 2025

Issue # (if applicable)

Closes #26105

Reason for this change

CloudWatch supports cross-account visibility for dashboards, allowing users to view metrics and logs from multiple AWS accounts in a single dashboard. However, the CDK CloudWatch construct library was missing the ability to specify the account ID for widgets, preventing users from creating cross-account dashboards using CDK.

Description of changes

I've added an optional accountId property to the following interfaces and classes:
• MetricWidgetProps interface in graph.ts (base interface for metric widgets)
• LogQueryWidgetProps interface in log-query.ts

This property is then passed through to the CloudWatch dashboard JSON for each widget type:
• AlarmWidget
• GraphWidget
• SingleValueWidget
• GaugeWidget
• TableWidget
• LogQueryWidget

I've also:
• Added comprehensive JSDoc documentation explaining the cross-account functionality
• Updated the README.md with a new section on cross-account visibility
• Updated unit tests to verify the accountId is properly included in the widget JSON
• Updated integration tests to demonstrate the feature

Design decisions:
• Made accountId optional to maintain backward compatibility
• Added the property to the base interfaces to ensure consistent implementation across widget types
• Provided clear documentation on prerequisites for cross-account functionality

Describe any new or updated permissions being added

No new IAM permissions are added by this change in the CDK code itself. However, users implementing cross-account CloudWatch dashboards will need to configure appropriate permissions between their accounts:

  1. The monitoring account must be set up as a monitoring account in CloudWatch settings
  2. The source account must grant permissions to the monitoring account using CloudWatch resource policies
  3. Appropriate IAM roles and policies must be configured as described in the AWS documentation

Description of how you validated changes

• Added unit tests for all widget types to verify the accountId property is correctly passed to the CloudWatch dashboard JSON
• Updated integration tests to include accountId in various widget configurations

Checklist

• [x] My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES
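Added example, not part of the pull request or the CDK code base: once widgets can carry an `accountId`, a dashboard body can be audited to see which source accounts it reads from. The sketch below assumes the resolved dashboard body JSON (for example, as returned by the CloudWatch `GetDashboard` API) with the account on each widget's `properties.accountId`; the function name, the allow-list, and the sample body are constructed for illustration.

```typescript
// Added example: flag dashboard widgets that read from accounts outside an allow-list.
interface Finding {
  index: number;      // position of the widget in the dashboard body
  type: string;       // widget type as written in the body ("metric", "log", ...)
  accountId: string;  // the value found on the widget
  reason: 'malformed-account-id' | 'account-not-allowlisted';
}

// AWS account IDs are exactly 12 decimal digits.
const ACCOUNT_ID_RE = /^\d{12}$/;

function auditDashboardAccounts(body: string, allowed: ReadonlySet<string>): Finding[] {
  const parsed = JSON.parse(body) as { widgets?: unknown };
  const widgets = Array.isArray(parsed.widgets) ? parsed.widgets : [];
  const findings: Finding[] = [];
  widgets.forEach((w: any, index: number) => {
    const accountId = w?.properties?.accountId;
    // No accountId: the widget reads from the dashboard's own account.
    if (accountId === undefined) return;
    const type = typeof w?.type === 'string' ? w.type : 'unknown';
    if (typeof accountId !== 'string' || !ACCOUNT_ID_RE.test(accountId)) {
      // Catches typos and unresolved placeholders before they reach a deployed dashboard.
      findings.push({ index, type, accountId: String(accountId), reason: 'malformed-account-id' });
    } else if (!allowed.has(accountId)) {
      findings.push({ index, type, accountId, reason: 'account-not-allowlisted' });
    }
  });
  return findings;
}

// Constructed sample body; account IDs, titles, and the query are placeholders.
const SAMPLE_BODY = JSON.stringify({
  widgets: [
    { type: 'metric', properties: { title: 'Local CPU', region: 'us-east-1' } },
    { type: 'metric', properties: { title: 'Prod CPU', region: 'us-east-1', accountId: '111111111111' } },
    { type: 'log', properties: { title: 'App errors', region: 'us-east-1', accountId: '222222222222',
                                 query: "SOURCE 'app-logs' | fields @message" } },
    { type: 'metric', properties: { title: 'Typo', region: 'us-east-1', accountId: '12345' } },
  ],
});

// Only account 111111111111 is an approved source account in this constructed scenario.
const SAMPLE_FINDINGS = auditDashboardAccounts(SAMPLE_BODY, new Set(['111111111111']));
```

Run against the sample, the audit reports the log widget (account not on the allow-list) and the widget with the five-digit account ID; the same-account widget and the allow-listed one pass.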

@aws-cdk-automation aws-cdk-automation requested a review from a team June 23, 2025 16:39
@github-actions github-actions bot added effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. p1 labels Jun 23, 2025
@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Jun 23, 2025
@ozelalisen ozelalisen marked this pull request as ready for review June 24, 2025 10:05
@aws-cdk-automation aws-cdk-automation added the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Jun 24, 2025
@leonmk-aws leonmk-aws self-assigned this Jun 25, 2025
Contributor

@leonmk-aws leonmk-aws left a comment

Can you update the title to something that will better inform users in the changelog? The current title doesn't really reflect that this adds support for cross account widget support

@aws-cdk-automation aws-cdk-automation removed the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Jun 25, 2025
@ozelalisen ozelalisen changed the title feat(cloudwatch): add account id field for log query and metric widge… feat(cloudwatch): add account id field for log query and metric widgets to support cross account visibility Jun 25, 2025
@ozelalisen
Member Author

ozelalisen commented Jun 25, 2025

@leonmk-aws

Can you update the title to something that will better inform users in the changelog? The current title doesn't really reflect that this adds support for cross account widget support

Done

Contributor

mergify bot commented Jun 26, 2025

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

Contributor

mergify bot commented Jun 26, 2025

This pull request has been removed from the queue for the following reason: pull request branch update failed.

The pull request can't be updated.

You should update or rebase your pull request manually. If you do, this pull request will automatically be requeued once the queue conditions match again.
If you think this was a flaky issue, you can requeue the pull request, without updating it, by posting a @mergifyio requeue comment.

@leonmk-aws
Contributor

@Mergifyio requeue

Contributor

mergify bot commented Jun 27, 2025

requeue

✅ The queue state of this pull request has been cleaned. It can be re-embarked automatically

Contributor

mergify bot commented Jun 27, 2025

This pull request has been removed from the queue for the following reason: pull request branch update failed.

The pull request can't be updated.

You should update or rebase your pull request manually. If you do, this pull request will automatically be requeued once the queue conditions match again.
If you think this was a flaky issue, you can requeue the pull request, without updating it, by posting a @mergifyio requeue comment.

@leonmk-aws
Contributor

@Mergifyio requeue

Contributor

mergify bot commented Jun 27, 2025

requeue

✅ The queue state of this pull request has been cleaned. It can be re-embarked automatically

Contributor

mergify bot commented Jun 27, 2025

This pull request has been removed from the queue for the following reason: pull request branch update failed.

The pull request can't be updated.

You should update or rebase your pull request manually. If you do, this pull request will automatically be requeued once the queue conditions match again.
If you think this was a flaky issue, you can requeue the pull request, without updating it, by posting a @mergifyio requeue comment.

@ozelalisen
Member Author

@Mergifyio update

Contributor

mergify bot commented Jun 30, 2025

update

❌ Mergify doesn't have permission to update

For security reasons, Mergify can't update this pull request. Try updating locally.
GitHub response: refusing to allow a GitHub App to create or update workflow .github/workflows/codecov-upload.yml without workflows permission

@ozelalisen
Member Author

@Mergifyio rebase

Contributor

mergify bot commented Jun 30, 2025

rebase

❌ Unable to rebase: user ozelalisen is unknown.

Please make sure ozelalisen has logged in Mergify dashboard.

@leonmk-aws
Contributor

@Mergifyio rebase

Contributor

mergify bot commented Jun 30, 2025

rebase

❌ Unable to rebase: user leonmk-aws is unknown.

Please make sure leonmk-aws has logged in Mergify dashboard.

Contributor

mergify bot commented Jun 30, 2025

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

Contributor

mergify bot commented Jun 30, 2025

This pull request has been removed from the queue for the following reason: pull request branch update failed.

The pull request can't be updated.

You should update or rebase your pull request manually. If you do, this pull request will automatically be requeued once the queue conditions match again.
If you think this was a flaky issue, you can requeue the pull request, without updating it, by posting a @mergifyio requeue comment.

@aws-cdk-automation
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 8ecbf1f
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Contributor

mergify bot commented Jun 30, 2025

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit ac4d09d into aws:main Jun 30, 2025
18 checks passed
Contributor

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 30, 2025
@ozelalisen ozelalisen deleted the cloudwatch-cross-account branch July 25, 2025 15:49

Successfully merging this pull request may close these issues.

(Cloudwatch LogQueryWidgetProps): (Lack of accountId filed)
3 participants