@samjeffress
Last active May 14, 2019 07:16
# These two resources belong under the template's Resources: section.
FirehoseToS3Role:
  Type: AWS::IAM::Role
  Properties:
    RoleName: excellent-auditing-firehose-to-s3-role
    # Trust policy: only the Kinesis Data Firehose service may assume this role.
    AssumeRolePolicyDocument:
      Version: "2012-10-17"
      Statement:
        - Effect: Allow
          Principal:
            Service:
              - firehose.amazonaws.com
          Action:
            - sts:AssumeRole
    Policies:
      - PolicyName: FirehoseToS3Policy
        PolicyDocument:
          Version: "2012-10-17"
          Statement:
            # Bucket-level actions match only the bucket ARN itself,
            # never an object ARN such as <bucket>/<prefix>/.
            - Effect: Allow
              Action:
                - s3:GetBucketLocation
                - s3:ListBucket
                - s3:ListBucketMultipartUploads
              Resource: arn:aws:s3:::my-bucket-for-logging
            # Object-level actions, limited to keys under the delivery prefix.
            - Effect: Allow
              Action:
                - s3:AbortMultipartUpload
                - s3:GetObject
                - s3:PutObject
              Resource: arn:aws:s3:::my-bucket-for-logging/get-your-audit-logs/*
ServerlessKinesisFirehose:
  Type: AWS::KinesisFirehose::DeliveryStream
  Properties:
    DeliveryStreamName: delivery-stream
    S3DestinationConfiguration:
      BucketARN: arn:aws:s3:::my-bucket-for-logging
      # Flush to S3 every 60 seconds or every 1 MB, whichever comes first.
      BufferingHints:
        IntervalInSeconds: "60"
        SizeInMBs: "1"
      CompressionFormat: "UNCOMPRESSED"
      # Must match the key prefix granted in FirehoseToS3Policy above.
      Prefix: get-your-audit-logs/
      RoleARN:
        Fn::GetAtt: [ FirehoseToS3Role, Arn ]