Last active
May 4, 2016 04:14
CloudTrail
{ | |
"AWSTemplateFormatVersion": "2010-09-09", | |
"Metadata": { | |
"AWS::CloudFormation::Designer": { | |
"f700037a-b1cd-40cc-968f-c67ea5a2d96f": { | |
"size": { | |
"width": 60, | |
"height": 60 | |
}, | |
"position": { | |
"x": 250, | |
"y": 90 | |
}, | |
"z": 0, | |
"embeds": [] | |
}, | |
"64c3dde7-b5e8-4d62-ab93-5befac3f7abf": { | |
"size": { | |
"width": 60, | |
"height": 60 | |
}, | |
"position": { | |
"x": 119, | |
"y": 97 | |
}, | |
"z": 0, | |
"embeds": [], | |
"dependson": [ | |
"f700037a-b1cd-40cc-968f-c67ea5a2d96f" | |
], | |
"isrelatedto": [ | |
"f700037a-b1cd-40cc-968f-c67ea5a2d96f", | |
"70af2c40-d0b5-48e0-9249-23ebde2f51e8" | |
] | |
}, | |
"c02b09f8-2f2c-4f78-8774-366ea0b72bfd": { | |
"source": { | |
"id": "64c3dde7-b5e8-4d62-ab93-5befac3f7abf" | |
}, | |
"target": { | |
"id": "f700037a-b1cd-40cc-968f-c67ea5a2d96f" | |
}, | |
"z": 1 | |
}, | |
"0c8840c5-ee26-4701-8de9-0441b8914d5c": { | |
"size": { | |
"width": 60, | |
"height": 60 | |
}, | |
"position": { | |
"x": 340, | |
"y": 130 | |
}, | |
"z": 0, | |
"embeds": [], | |
"isassociatedwith": [ | |
"f700037a-b1cd-40cc-968f-c67ea5a2d96f" | |
] | |
}, | |
"70af2c40-d0b5-48e0-9249-23ebde2f51e8": { | |
"size": { | |
"width": 140, | |
"height": 140 | |
}, | |
"position": { | |
"x": 80, | |
"y": 190 | |
}, | |
"z": 0, | |
"embeds": [] | |
}, | |
"25438732-8a2a-4466-b2fa-542abf3ee7b1": { | |
"size": { | |
"width": 60, | |
"height": 60 | |
}, | |
"position": { | |
"x": -110.72352118271051, | |
"y": 170.18823147519657 | |
}, | |
"z": 0, | |
"embeds": [] | |
} | |
} | |
}, | |
"Resources": { | |
"S3B42WBC": { | |
"Type": "AWS::S3::Bucket", | |
"Properties": {}, | |
"Metadata": { | |
"AWS::CloudFormation::Designer": { | |
"id": "f700037a-b1cd-40cc-968f-c67ea5a2d96f" | |
} | |
} | |
}, | |
"CTT1AZQC": { | |
"Type": "AWS::CloudTrail::Trail", | |
"Properties": { | |
"CloudWatchLogsRoleArn": { | |
"Fn::GetAtt": [ | |
"CloudTrailRole", | |
"Arn" | |
] | |
}, | |
"CloudWatchLogsLogGroupArn": { | |
"Fn::GetAtt": [ | |
"LLG39AOL", | |
"Arn" | |
] | |
}, | |
"EnableLogFileValidation": true, | |
"IncludeGlobalServiceEvents": true, | |
"IsLogging": true, | |
"IsMultiRegionTrail": true, | |
"S3BucketName": { | |
"Ref": "S3B42WBC" | |
} | |
}, | |
"Metadata": { | |
"AWS::CloudFormation::Designer": { | |
"id": "64c3dde7-b5e8-4d62-ab93-5befac3f7abf" | |
} | |
}, | |
"DependsOn": [ | |
"S3B42WBC" | |
] | |
}, | |
"S3BP3BLA0": { | |
"Type": "AWS::S3::BucketPolicy", | |
"Properties": { | |
"Bucket": { | |
"Ref": "S3B42WBC" | |
}, | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Sid": "AWSCloudTrailAclCheck20150319", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "cloudtrail.amazonaws.com" | |
}, | |
"Action": "s3:GetBucketAcl", | |
"Resource": { | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "S3B42WBC" | |
} | |
] | |
] | |
} | |
}, | |
{ | |
"Sid": "AWSCloudTrailWrite20150319", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "cloudtrail.amazonaws.com" | |
}, | |
"Action": "s3:PutObject", | |
"Resource": { | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "S3B42WBC" | |
}, | |
"/AWSLogs/", | |
{ | |
"Ref": "AWS::AccountId" | |
}, | |
"/*" | |
] | |
] | |
}, | |
"Condition": { | |
"StringEquals": { | |
"s3:x-amz-acl": "bucket-owner-full-control" | |
} | |
} | |
} | |
] | |
} | |
}, | |
"Metadata": { | |
"AWS::CloudFormation::Designer": { | |
"id": "0c8840c5-ee26-4701-8de9-0441b8914d5c" | |
} | |
} | |
}, | |
"LLG39AOL": { | |
"Type": "AWS::Logs::LogGroup", | |
"Properties": { | |
"RetentionInDays": 1 | |
}, | |
"Metadata": { | |
"AWS::CloudFormation::Designer": { | |
"id": "70af2c40-d0b5-48e0-9249-23ebde2f51e8" | |
} | |
} | |
}, | |
"CloudTrailRole": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Sid": "", | |
"Effect": "Allow", | |
"Principal": { | |
"Service": "cloudtrail.amazonaws.com" | |
}, | |
"Action": "sts:AssumeRole" | |
} | |
] | |
}, | |
"Policies": [ | |
{ | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Sid": "AWSCloudTrailCreateLogStream2014110", | |
"Effect": "Allow", | |
"Action": [ | |
"logs:CreateLogStream" | |
], | |
"Resource": [ | |
"arn:aws:logs:us-east-1:accountID:log-group:log_group_name:log-stream:CloudTrail_log_stream_name_prefix*" | |
] | |
}, | |
{ | |
"Sid": "AWSCloudTrailPutLogEvents20141101", | |
"Effect": "Allow", | |
"Action": [ | |
"logs:PutLogEvents" | |
], | |
"Resource": [ | |
"arn:aws:logs:us-east-1:accountID:log-group:log_group_name:log-stream:CloudTrail_log_stream_name_prefix*" | |
] | |
} | |
] | |
} | |
] | |
}, | |
"Metadata": { | |
"AWS::CloudFormation::Designer": { | |
"id": "25438732-8a2a-4466-b2fa-542abf3ee7b1" | |
} | |
} | |
} | |
} | |
} |