
Commit 190322f

committed
cspm plus eb api dest
1 parent aeb0ca9 commit 190322f


1 file changed

+55
-16
lines changed


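--- a/templates_cspm_eventbridge/FullInstall.yaml
+++ b/templates_cspm_eventbridge/FullInstall.yaml
@@ -10,7 +10,9 @@ Metadata:
 - RoleName
 - ExternalID
 - TrustedIdentity
-- EventBusARN
+- ApiKey
+- IngestionUrl
+- RateLimit
 - EventBridgeRoleName
 - EventBridgeState
 - EventBridgeEventPattern
@@ -22,8 +24,12 @@ Metadata:
 default: "External ID (Sysdig use only)"
 TrustedIdentity:
 default: "Trusted Identity (Sysdig use only)"
-EventBusARN:
-default: "Target Event Bus (Sysdig use only)"
+ApiKey:
+default: "API Key (Sysdig use only)"
+IngestionUrl:
+default: "Ingestion URL (Sysdig use only)"
+RateLimit:
+default: "Rate Limit (Sysdig use only)"
 EventBridgeRoleName:
 default: "Integration Name (Sysdig use only)"
 EventBridgeState:
@@ -44,9 +50,16 @@ Parameters:
 TrustedIdentity:
 Type: String
 Description: The Role in Sysdig's AWS Account with permissions to your account
-EventBusARN:
+ApiKey:
 Type: String
-Description: The destination in Sysdig's AWS account where your events are sent
+Description: API key for Sysdig Secure authentication
+IngestionUrl:
+Type: String
+Description: Sysdig Secure API ingestion URL
+RateLimit:
+Type: Number
+Description: Maximum invocations per second for the API destination
+Default: 300
 EventBridgeState:
 Type: String
 Description: The state of the EventBridge Rule
@@ -122,6 +135,26 @@ Resources:
 - Effect: "Allow"
 Action: "account:GetContactInformation"
 Resource: "*"
+
+EventBridgeConnection:
+Type: AWS::Events::Connection
+Properties:
+Name: !Sub ${EventBridgeRoleName}-connection
+AuthorizationType: API_KEY
+AuthParameters:
+ApiKeyAuthParameters:
+ApiKeyName: X-Api-Key
+ApiKeyValue: !Ref ApiKey
+
+EventBridgeApiDestination:
+Type: AWS::Events::ApiDestination
+Properties:
+Name: !Sub ${EventBridgeRoleName}-destination
+ConnectionArn: !GetAtt EventBridgeConnection.Arn
+InvocationEndpoint: !Ref IngestionUrl
+HttpMethod: POST
+InvocationRateLimitPerSecond: !Ref RateLimit
+
 EventBridgeRole:
 Type: AWS::IAM::Role
 Properties:
@@ -138,21 +171,29 @@ Resources:
 Action: "sts:AssumeRole"
 Condition:
 StringEquals:
-sts:ExternalId: !Ref ExternalID
+sts:ExternalId: !Ref ExternalID
 Policies:
 - PolicyName: !Ref EventBridgeRoleName
 PolicyDocument:
 Version: "2012-10-17"
 Statement:
-- Effect: Allow
-Action: 'events:PutEvents'
-Resource: !Ref EventBusARN
-- Effect: Allow
+- Sid: "InvokeApiDestination"
+Effect: Allow
+Action: "events:InvokeApiDestination"
+Resource: !GetAtt EventBridgeApiDestination.Arn
+- Sid: "CloudTrailEventRuleAccess"
+Effect: Allow
 Action:
 - "events:DescribeRule"
 - "events:ListTargetsByRule"
-Resource:
-- !Sub arn:aws:events:*:*:rule/${EventBridgeRoleName}
+Resource: !Sub "arn:aws:events:*:*:rule/${EventBridgeRoleName}"
+- Sid: "ValidationAccess"
+Effect: Allow
+Action:
+- "events:DescribeApiDestination"
+- "events:DescribeConnection"
+Resource: "*"
+
 EventBridgeRule:
 Type: AWS::Events::Rule
 Properties:
@@ -162,7 +203,5 @@ Resources:
 State: !Ref EventBridgeState
 Targets:
 - Id: !Ref EventBridgeRoleName
-Arn: !Ref EventBusARN
-RoleArn: !GetAtt
-- EventBridgeRole
-- Arn
+Arn: !GetAtt EventBridgeApiDestination.Arn
+RoleArn: !GetAtt EventBridgeRole.Arn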
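Review bot: The new `ApiKey` parameter in the Parameters hunk (new lines 53-55) is declared with only `Type: String`, so the secret is returned in clear text by DescribeStacks, shown in the console's Parameters tab and recorded in change sets; add `NoEcho: true` under it so CloudFormation masks the value wherever the stack is described. The Connection resource itself is the right place for the secret — `ApiKeyValue: !Ref ApiKey` hands it to EventBridge, which stores connection credentials in Secrets Manager — so the parameter is the remaining exposure point. In the Resources hunk the new `ValidationAccess` statement grants `events:DescribeApiDestination` and `events:DescribeConnection` on `Resource: "*"`, which lets whoever assumes this role enumerate every connection and API destination in the account; since both actions accept resource ARNs and both resources are created in this stack, it can be scoped to `Resource: [!GetAtt EventBridgeApiDestination.Arn, !GetAtt EventBridgeConnection.Arn]`. `IngestionUrl` would also benefit from `AllowedPattern: ^https://` so a non-TLS endpoint is rejected at parameter validation rather than at ApiDestination creation.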
