Skip to content

Commit

Permalink
enable CloudWatch account policy again
Browse files Browse the repository at this point in the history
  • Loading branch information
@tmclaugh
tmclaugh committed Oct 23, 2024
1 parent 5256007 commit 3c5eabd
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 15 deletions.
16 changes: 8 additions & 8 deletions stacksets/datadog-shipping/logs-template.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,14 +159,14 @@ Resources:
LogGroupName: !Ref DeliveryStreamLogGroup
LogStreamName: !Ref BackupDeliveryLogStream

#CloudWatchAccountPolicy:
# Type: AWS::Logs::AccountPolicy
# DependsOn: CloudWatchLogsPolicy
# Properties:
# PolicyName: Datadog-Logs-Firehose
# PolicyDocument: !Sub '{ "RoleArn": "${CloudWatchLogsRole.Arn}", "DestinationArn": "${DatadogDeliveryStream.Arn}", "FilterPattern": ""}'
# SelectionCriteria: !Sub 'LogGroupName NOT IN ["${DeliveryStreamLogGroup}"]'
# PolicyType: "SUBSCRIPTION_FILTER_POLICY"
CloudWatchAccountPolicy:
Type: AWS::Logs::AccountPolicy
DependsOn: CloudWatchLogsPolicy
Properties:
PolicyName: Datadog-Logs-Firehose
PolicyDocument: !Sub '{ "RoleArn": "${CloudWatchLogsRole.Arn}", "DestinationArn": "${DatadogDeliveryStream.Arn}", "FilterPattern": ""}'
SelectionCriteria: !Sub 'LogGroupName NOT IN ["${DeliveryStreamLogGroup}"]'
PolicyType: "SUBSCRIPTION_FILTER_POLICY"

DatadogLogsDestination:
Type: AWS::Logs::Destination
Expand Down
14 changes: 7 additions & 7 deletions stacksets/logging/template.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,10 @@ Resources:
Service: !Sub "logs.${AWS::Region}.amazonaws.com"
Action: sts:AssumeRole

#CloudWatchAccountPolicy:
# Type: AWS::Logs::AccountPolicy
# Condition: IsNotLoggingAccount
# Properties:
# PolicyName: Datadog-Logs-Firehose
# PolicyDocument: !Sub '{ "RoleArn": "${CloudWatchLogsRole.Arn}", "DestinationArn": "${DestinationArn}", "FilterPattern": ""}'
# PolicyType: "SUBSCRIPTION_FILTER_POLICY"
CloudWatchAccountPolicy:
Type: AWS::Logs::AccountPolicy
Condition: IsNotLoggingAccount
Properties:
PolicyName: Datadog-Logs-Firehose
PolicyDocument: !Sub '{ "RoleArn": "${CloudWatchLogsRole.Arn}", "DestinationArn": "${DestinationArn}", "FilterPattern": ""}'
PolicyType: "SUBSCRIPTION_FILTER_POLICY"

0 comments on commit 3c5eabd

Please sign in to comment.