AWSTemplateFormatVersion: '2010-09-09'
Description: Console-Sign-In-via-CloudTrail
Parameters:
  AuditNotificationsEventBusArn:
    Type: String
    Description: "ARN of notifications Event Bus in Audit notifications account"
Resources:
  # Forwards every console sign-in event recorded via CloudTrail to the audit event bus.
  EventsRule:
    Type: AWS::Events::Rule
    Properties:
      Description: Events rule for monitoring AWS Console Sign In activity
      EventPattern:
        detail-type:
          - AWS Console Sign In via CloudTrail
      State: ENABLED
      Targets:
        - Arn:
            Ref: AuditNotificationsEventBusArn
          Id: AuditNotificationsEventBus
          RoleArn: !GetAtt AuditNotificationsPutEventRole.Arn
  # Role that EventBridge assumes to deliver events; limited to PutEvents on the audit bus ARN.
  AuditNotificationsPutEventRole:
    Type: "AWS::IAM::Role"
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          -
            Effect: "Allow"
            Principal:
              Service: "events.amazonaws.com"
            Action: "sts:AssumeRole"
      Policies:
        -
          PolicyName: "AllowPutEvent"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: "Allow"
                Action: "events:PutEvents"
                Resource:
                  Ref: AuditNotificationsEventBusArn