Notice: This repository provides sample scripts, templates, policies, etc. They are not intended to be or supported as solutions, but serve as a helpful reference for building your own landing zone solution.
The Logging directory contains various resources for provisioning and configuring centralizing logging within your AWS cloud environment. Please refer to the following table for a quick description of each solution within the directory:
| Example | Description | Type |
|---|---|---|
| centralized logging CloudTrail S3 Bucket | Template creates an S3 Bucket to be deployed in your log archive account for centralized logging of CloudTrail. | CloudFormation, Bucket Policy |
| centralized logging Config S3 Bucket | Template creates an S3 Bucket to be deployed in your log archive account for centralized logging of Config. | CloudFormation, Bucket Policy |
| centralized logging KMS key Cloudtrail | Template creates a KMS Key to be deployed in your Security Tooling account for encrypting an Organizational CloudTrail Trail. | CloudFormation, KMS Policy Terraform |
| centralized logging KMS key Config | Template creates a KMS Key to be deployed in your Security Tooling account for encrypting AWS Config Snapshots and History in the Log Archive account. | CloudFormation, KMS Policy Terraform |
| centralized logging Org Trail CloudTrail | Template creates an Organization CloudTrail trail for management events and records them in a previously created centralized S3 bucket in the Log Archive account. | CloudFormation |