Skip to content

/ cloudformation-examples

Permalink
master
Switch branches/tags

cloudformation-examples/templates/guardduty.json

Go to file
 
 
Cannot retrieve contributors at this time
115 lines (115 sloc) 3.19 KB
Raw Blame
{
"Conditions": {
"IsMaster": {
"Fn::Equals": [
{
"Ref": "AWS::AccountId"
},
"1234"
]
},
"IsMember": {
"Fn::Not": [
{
"Condition": "IsMaster"
}
]
}
},
"Description": "GuardDuty example deployment for master and member accounts",
"Parameters": {
"MemberInvitation": {
"Description": "Invitation ID for member account, leave empty on master account",
"Type": "String"
}
},
"Resources": {
"Detector": {
"Properties": {
"Enable": "true"
},
"Type": "AWS::GuardDuty::Detector"
},
"EventsRule": {
"Condition": "IsMaster",
"Properties": {
"EventPattern": {
"source": [
"aws.guardduty"
]
},
"State": "ENABLED",
"Targets": [
{
"Arn": {
"Ref": "SNSTopic"
},
"Id": "sns"
}
]
},
"Type": "AWS::Events::Rule"
},
"Master": {
"Condition": "IsMember",
"Properties": {
"DetectorId": {
"Ref": "Detector"
},
"InvitationId": {
"Ref": "MemberInvitation"
},
"MasterId": "1234"
},
"Type": "AWS::GuardDuty::Master"
},
"Member": {
"Condition": "IsMaster",
"Properties": {
"DetectorId": {
"Ref": "Detector"
},
"Email": "user@example.com",
"MemberId": "5678",
"Status": "Invited"
},
"Type": "AWS::GuardDuty::Member"
},
"SNSTopic": {
"Condition": "IsMaster",
"Properties": {
"Subscription": []
},
"Type": "AWS::SNS::Topic"
},
"SNSTopicPolicy": {
"Condition": "IsMaster",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Principal": {
"Service": "events.amazonaws.com"
},
"Resource": [
{
"Ref": "SNSTopic"
}
]
}
]
},
"Topics": [
{
"Ref": "SNSTopic"
}
]
},
"Type": "AWS::SNS::TopicPolicy"
}
}
}