Description: "SIEM on Amazon OpenSearch Service v2.10.0: log exporter - CloudHSM" Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: CloudWatch Logs Parameters: - CwlHsmName - Label: default: Amazon Kinesis Data Firehose Parameters: - KdfHsmName - KdfBufferSize - KdfBufferInterval Parameters: KdfHsmName: Type: String Default: siem-cloudhsm-cwl-to-s3 Description: Define new Kinesis Data Firehose Name to deliver CloudHSM CloudWatch Logs KdfBufferSize: Type: Number Default: 64 Description: Enter a buffer size between 64 - 128 (MiB) MaxValue: 128 MinValue: 64 KdfBufferInterval: Type: Number Default: 60 Description: Enter a buffer interval between 60 - 900 (seconds.) MaxValue: 900 MinValue: 60 CwlHsmName: Type: String Default: /aws/cloudhsm/cluster-XXXXXXXXXXX Description: Specify CloudWatch Logs group name Resources: Kdf: Type: AWS::KinesisFirehose::DeliveryStream Properties: DeliveryStreamName: Ref: KdfHsmName ExtendedS3DestinationConfiguration: BucketARN: Fn::Join: - "" - - "arn:aws:s3:::" - Fn::ImportValue: sime-log-bucket-name-v2 BufferingHints: IntervalInSeconds: Ref: KdfBufferInterval SizeInMBs: Ref: KdfBufferSize CompressionFormat: UNCOMPRESSED ErrorOutputPrefix: ErrorLogs/ Prefix: Fn::Join: - "" - - AWSLogs/ - Ref: AWS::AccountId - /CloudHSM/ - Ref: AWS::Region - / RoleARN: Fn::Join: - "" - - "arn:aws:iam::" - Ref: AWS::AccountId - :role/service-role/ - Fn::ImportValue: siem-kdf-to-s3-role-name-v2 KinesisSubscription: Type: AWS::Logs::SubscriptionFilter Properties: DestinationArn: Fn::GetAtt: - Kdf - Arn FilterPattern: "" LogGroupName: Ref: CwlHsmName RoleArn: Fn::Join: - "" - - "arn:aws:iam::" - Ref: AWS::AccountId - :role/ - Fn::ImportValue: siem-cwl-to-kdf-role-name-v2