
Commit c6ddbd8

authored
fix(event-bridge): restore legacy event bridge for gov cloud support (SSPROD-58545) (#158)
* restore legacy eb * add in makefile * makefile * only aws-us-gov * fix syntax
1 parent 1629ba3 commit c6ddbd8


2 files changed

+571
-2
lines changed


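--- a/modules/Makefile
+++ b/modules/Makefile
@@ -11,6 +11,7 @@ PARAM_TRUSTED_IDENTITY ?= arn:aws:iam:::role/$(PARAM_NAME_SUFFIX)
 PARAM_API_KEY ?= <your_api_key>
 PARAM_INGESTION_URL ?= https://app-staging.sysdigcloud.com/api/cloudingestion/webhooks/eventbridge/v1/64616366-3130-6163-3665-346636653537
 PARAM_RATE_LIMIT ?= 300
+PARAM_TARGET_EVENT_BUS_ARN ?= arn:aws:events:us-east-1::event-bus/default
 PARAM_BUCKET_ARN ?= arn:aws:s3:::cloudtrail-$(PARAM_NAME_SUFFIX)
 PARAM_REGIONS ?= us-east-1
 PARAM_LAMBDA_SCANNING_ENABLED ?= true
@@ -20,6 +21,7 @@ validate: export AWS_PAGER=""
 validate:
 aws --region us-east-1 cloudformation validate-template --template-body file://./foundational.cft.yaml
 aws --region us-east-1 cloudformation validate-template --template-body file://./log_ingestion.events.cft.yaml
+aws --region us-east-1 cloudformation validate-template --template-body file://./log_ingestion.legacy_events.cft.yaml
 aws --region us-east-1 cloudformation validate-template --template-body file://./log_ingestion.s3.cft.yaml
 aws --region us-east-1 cloudformation validate-template --template-body file://./volume_access.cft.yaml
 aws --region us-east-1 cloudformation validate-template --template-body file://./vm_workload_scanning.cft.yaml
@@ -30,6 +32,9 @@ lint:
 yq '.Resources.EventBridgeRuleStackSet.Properties.TemplateBody' log_ingestion.events.cft.yaml | cfn-lint -
 yq '.Resources.OrganizationRoleStackSet.Properties.TemplateBody' log_ingestion.events.cft.yaml | cfn-lint -
 yq '.Resources.OrganizationRuleStackSet.Properties.TemplateBody' log_ingestion.events.cft.yaml | cfn-lint -
+yq '.Resources.EventBridgeRuleStackSet.Properties.TemplateBody' log_ingestion.legacy_events.cft.yaml | cfn-lint -
+yq '.Resources.OrganizationRoleStackSet.Properties.TemplateBody' log_ingestion.legacy_events.cft.yaml | cfn-lint -
+yq '.Resources.OrganizationRuleStackSet.Properties.TemplateBody' log_ingestion.legacy_events.cft.yaml | cfn-lint -
 yq '.Resources.AccountStackSet.Properties.TemplateBody' volume_access.cft.yaml | cfn-lint -
 yq '.Resources.OrganizationStackSet.Properties.TemplateBody' volume_access.cft.yaml | cfn-lint -
 yq '.Resources.ScanningOrgStackSet.Properties.TemplateBody' vm_workload_scanning.cft.yaml | cfn-lint -
@@ -38,6 +43,7 @@ publish:
 aws s3 cp foundational.cft.yaml s3://$(S3_BUCKET)/modules/$(S3_PREFIX)/foundational.cft.yaml
 aws s3 cp log_ingestion.s3.cft.yaml s3://$(S3_BUCKET)/modules/$(S3_PREFIX)/log_ingestion.s3.cft.yaml
 aws s3 cp log_ingestion.events.cft.yaml s3://$(S3_BUCKET)/modules/$(S3_PREFIX)/log_ingestion.events.cft.yaml
+aws s3 cp log_ingestion.legacy_events.cft.yaml s3://$(S3_BUCKET)/modules/$(S3_PREFIX)/log_ingestion.legacy_events.cft.yaml
 aws s3 cp volume_access.cft.yaml s3://$(S3_BUCKET)/modules/$(S3_PREFIX)/volume_access.cft.yaml
 aws s3 cp vm_workload_scanning.cft.yaml s3://$(S3_BUCKET)/modules/$(S3_PREFIX)/vm_workload_scanning.cft.yaml
 
@@ -52,7 +58,7 @@ deploy:
 "TrustedIdentity=$(PARAM_TRUSTED_IDENTITY)" \
 "IsOrganizational=$(PARAM_IS_ORGANIZATIONAL)" \
 "OrganizationalUnitIDs=$(PARAM_ORGANIZATIONAL_UNIT_IDS)" \
-"Partition=${PARAM_PARTITION}" \
+"Partition=$(PARAM_PARTITION)" \
 "RootOUID=$(PARAM_ROOT_OU_ID)" \
 "IncludeOUIDs=$(PARAM_INCLUDE_OU_IDS)" \
 "IncludeAccounts=$(PARAM_INCLUDE_ACCOUNTS)" \
@@ -71,7 +77,24 @@ deploy:
 "RateLimit=$(PARAM_RATE_LIMIT)" \
 "IsOrganizational=$(PARAM_IS_ORGANIZATIONAL)" \
 "OrganizationalUnitIDs=$(PARAM_ORGANIZATIONAL_UNIT_IDS)" \
-"Partition=${PARAM_PARTITION}" \
+"Partition=$(PARAM_PARTITION)" \
+"RootOUID=$(PARAM_ROOT_OU_ID)" \
+"IncludeOUIDs=$(PARAM_INCLUDE_OU_IDS)" \
+"IncludeAccounts=$(PARAM_INCLUDE_ACCOUNTS)" \
+"ExcludeAccounts=$(PARAM_EXCLUDE_ACCOUNTS)"
+aws cloudformation deploy \
+--stack-name $(STACK_NAME)-LogIngestion-LegacyEventBridge-$(PARAM_NAME_SUFFIX) \
+--template-file log_ingestion.legacy_events.cft.yaml \
+--capabilities "CAPABILITY_NAMED_IAM" "CAPABILITY_AUTO_EXPAND" \
+--parameter-overrides \
+"NameSuffix=$(PARAM_NAME_SUFFIX)" \
+"ExternalID=$(PARAM_EXTERNAL_ID)" \
+"TrustedIdentity=$(PARAM_TRUSTED_IDENTITY)" \
+"Regions=$(PARAM_REGIONS)" \
+"TargetEventBusARN=$(PARAM_TARGET_EVENT_BUS_ARN)" \
+"IsOrganizational=$(PARAM_IS_ORGANIZATIONAL)" \
+"OrganizationalUnitIDs=$(PARAM_ORGANIZATIONAL_UNIT_IDS)" \
+"Partition=$(PARAM_PARTITION)" \
 "RootOUID=$(PARAM_ROOT_OU_ID)" \
 "IncludeOUIDs=$(PARAM_INCLUDE_OU_IDS)" \
 "IncludeAccounts=$(PARAM_INCLUDE_ACCOUNTS)" \
@@ -126,6 +149,7 @@ deploy:
 clean:
 aws cloudformation delete-stack --stack-name $(STACK_NAME)-Foundational-$(PARAM_NAME_SUFFIX)
 aws cloudformation delete-stack --stack-name $(STACK_NAME)-LogIngestion-EventBridge-$(PARAM_NAME_SUFFIX)
+aws cloudformation delete-stack --stack-name $(STACK_NAME)-LogIngestion-LegacyEventBridge-$(PARAM_NAME_SUFFIX)
 aws cloudformation delete-stack --stack-name $(STACK_NAME)-LogIngestion-S3-$(PARAM_NAME_SUFFIX)
 aws cloudformation delete-stack --stack-name $(STACK_NAME)-VolumeAccess-$(PARAM_NAME_SUFFIX)
 aws cloudformation delete-stack --stack-name $(STACK_NAME)-VMWorkloadScanning-$(PARAM_NAME_SUFFIX)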
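Review bot: The new default `PARAM_TARGET_EVENT_BUS_ARN ?= arn:aws:events:us-east-1::event-bus/default` in the first hunk hard-codes the `aws` partition and leaves the account ID empty, yet the added legacy block in `deploy` passes it as `TargetEventBusARN` next to `Partition=$(PARAM_PARTITION)`. For the GovCloud case this commit targets the two can disagree, and since this ARN presumably selects which account's bus receives the forwarded events, a placeholder default is better rejected than deployed. Consider deriving the partition, `PARAM_TARGET_EVENT_BUS_ARN ?= arn:$(PARAM_PARTITION):events:us-east-1:<account_id>:event-bus/default`, and failing early when the value has not been overridden. The commit message says "only aws-us-gov", but the `deploy` recipe as shown runs the legacy `aws cloudformation deploy` unconditionally alongside the regular EventBridge stack; a guard on `$(PARAM_PARTITION)` would make that intent explicit. The `deploy` recipe begins and continues outside these hunks, and the definition of `PARAM_PARTITION` is not visible here.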
