amazon-cloudformation - Set Event Value for Cloudtrail - all S3 buckets
问题描述
I'm trying to get a cloudtrail for all S3 bucket Data but it keeps throwing an error. The template looks like:
DataTrail:
Type: AWS::CloudTrail::Trail
Properties:
CloudWatchLogsLogGroupArn:
Fn::ImportValue:
!Sub ${EnvironmentName}-CloudtrailLogGroupARN
CloudWatchLogsRoleArn:
Fn::ImportValue:
!Sub ${EnvironmentName}-CloudTrailLogsRoleARN
EnableLogFileValidation: true
EventSelectors:
- DataResources:
- Type: AWS::S3::Object
Values:
- 'arn:aws:s3:::*'
- IncludeManagementEvents: false
- ReadWriteType: All
IncludeGlobalServiceEvents: true
IsLogging: true
IsMultiRegionTrail: true
KMSKeyId:
Fn::ImportValue:
!Sub ${EnvironmentName}-InvoicegenKey-CMK-Arn
S3BucketName:
Fn::ImportValue:
!Sub ${EnvironmentName}-CloudTrailBucket-Name
the AWS Doku says it must be a list of string, so I did:
Values:
- 'arn:aws:s3:::*'
But it keeps failing...
Merci in Advance
A
解决方案
最后,这很容易;我刚刚通过控制台创建了一条线索,然后用来aws cloudtrail get-event-selectors --trail-name <name>获取结果。然后像这样将它转移到我的模板中:
DataResources:
- Type: AWS::S3::Object
Values:
- arn:aws:s3
推荐阅读
- javascript - react native 如何处理对象和数组?
- python-3.x - 在其他系统中使用自己的 venv
- angular - Angular 中的 ChartJs 事件
- ios - Flutter 忽略 ffi-1.12.2,因为它的扩展没有构建。试试: gem pristine ffi --version 1.12.2
- android - 将图像选择器意图中的数据转换为位图(Kotlin)?
- discord.js - 如何使用 async/await 读取文件?
- regex - URL中字母和数字的正则表达式
- ios - 如何在目标C中识别文档(.pdf,.doc,.png)的方向
- python - 我的 pygame 窗口不断崩溃,我正在关注 mac 上的 youtube 教程
- node.js - 使用“chrome”类型启动配置调试符号链接节点模块