Skip to content

Commit

Permalink
Limit access to destination to accounts in our org
Browse files Browse the repository at this point in the history
  • Loading branch information
@tmclaugh
tmclaugh authored Aug 18, 2024
1 parent 5c084d4 commit 68d3559
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion stacksets/datadog-shipping/logs-template.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,12 @@ Resources:
"AWS": "logs.amazonaws.com"
},
"Action": "logs:PutSubscriptionFilter",
"Resource": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:destination:DATADOG-LOGS-FIREHOSE"
"Resource": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:destination:DATADOG-LOGS-FIREHOSE",
"Condition": {
"StringEquals": {
"aws:PrincipalOrgID": !Ref AwsOrgId
}
}
}
]
}'
Expand Down

0 comments on commit 68d3559

Please sign in to comment.