forked from ExamProCo/AWS-Examples
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
72 additions
and
0 deletions.
There are no files selected for viewing
1 change: 1 addition & 0 deletions
1
cloudtrail/basic/982383527471_CloudTrail_ca-central-1_20240309T2015Z_qpt2VS5TbtFMpzLG.json
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| # Create a bucket for cloudtrail logs | ||
|
|
||
| aws s3 mb s3://my-cloudtrail-ab-1212 | ||
|
|
||
| # Create bucket policy to allow cloud trail to put to bucket | ||
|
|
||
| aws s3api put-bucket-policy --bucket my-cloudtrail-ab-1212 --policy file://bucket-policy.json | ||
|
|
||
| # Create Trail | ||
| aws cloudtrail create-trail \ | ||
| --name MyTrail \ | ||
| --s3-bucket-name my-cloudtrail-ab-1212 \ | ||
| --region ca-central-1 | ||
|
|
||
| # Start Logging | ||
|
|
||
| aws cloudtrail start-logging --name MyTrail |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| { | ||
| "Version": "2012-10-17", | ||
| "Statement": [ | ||
| { | ||
| "Sid": "AWSCloudTrailWrite20150319", | ||
| "Effect": "Allow", | ||
| "Principal": {"Service": "cloudtrail.amazonaws.com"}, | ||
| "Action": "s3:PutObject", | ||
| "Resource": "arn:aws:s3:::my-cloudtrail-ab-1212/AWSLogs/myAccountID/*", | ||
| "Condition": { | ||
| "StringEquals": { | ||
| "s3:x-amz-acl": "bucket-owner-full-control", | ||
| "aws:SourceArn": "arn:aws:cloudtrail:ca-central-1:982383527471:trail/MyTrail" | ||
| } | ||
| } | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # Create CloudWatch Log and Stream | ||
|
|
||
| aws logs create-log-group --log-group-name mycloudtrail | ||
|
|
||
| # Update trail for CloudWatch Logs | ||
| aws cloudtrail update-trail \ | ||
| --name MyTrail \ | ||
| --cloud-watch-logs-log-group-arn arn:aws:logs:ca-central-1:982383527471:log-group:mycloudtrail:* \ | ||
| --cloud-watch-logs-role-arn arn:aws:iam::982383527471:role/MyCloudTrail2CloudWatchRole |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| { | ||
| "Version": "2012-10-17", | ||
| "Statement": [ | ||
| { | ||
|
|
||
| "Sid": "AWSCloudTrailCreateLogStream2014110", | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "logs:CreateLogStream" | ||
| ], | ||
| "Resource": [ | ||
| "arn:aws:logs:ca-central-1:982383527471:log-group:mycloudtrail:log-stream:*" | ||
| ] | ||
|
|
||
| }, | ||
| { | ||
| "Sid": "AWSCloudTrailPutLogEvents20141101", | ||
| "Effect": "Allow", | ||
| "Action": [ | ||
| "logs:PutLogEvents" | ||
| ], | ||
| "Resource": [ | ||
| "arn:aws:logs:ca-central-1:982383527471:log-group:mycloudtrail:log-stream:*" | ||
| ] | ||
| } | ||
| ] | ||
| } |