diff --git a/stacksets/cloudwatch-oam-link/stackset.yaml b/stacksets/cloudwatch-oam-link/stackset.yaml deleted file mode 100644 index b6a2115..0000000 --- a/stacksets/cloudwatch-oam-link/stackset.yaml +++ /dev/null @@ -1,43 +0,0 @@ -Metadata: - OamSink: - localTemplateFile: &template_body ./template.yaml - -AWSTemplateFormatVersion: '2010-09-09' -Transform: AWS::Serverless-2016-10-31 -Description: AWS account infrastructure stackset (CW OAM Link) - -Parameters: - AwsOrgRootId: - Type: CommaDelimitedList - Description: Root ID of the AWS Organization - TargetRegions: - Type: CommaDelimitedList - Description: Regions to deploy to - AwsOamSinkArn: - Type: String - Description: ARN of CW OAM Sink - -Resources: - CloudWatchOamLinkStackSet: - Type: AWS::CloudFormation::StackSet - Properties: - StackSetName: CloudWatchOamLink - Description: CloudWatch OAM Link - Parameters: - - ParameterKey: AwsOamSinkArn - ParameterValue: !Ref AwsOamSinkArn - StackInstancesGroup: - - DeploymentTargets: - OrganizationalUnitIds: !Ref AwsOrgRootId - Regions: !Ref TargetRegions - AutoDeployment: - Enabled: true - RetainStacksOnAccountRemoval: false - ManagedExecution: - Active: true - OperationPreferences: - RegionConcurrencyType: PARALLEL - FailureToleranceCount: 1 - MaxConcurrentCount: 5 - PermissionModel: SERVICE_MANAGED - TemplateBody: *template_body diff --git a/stacksets/cloudwatch-oam-link/template.yaml b/stacksets/cloudwatch-oam-link/template.yaml deleted file mode 100644 index 2f49e67..0000000 --- a/stacksets/cloudwatch-oam-link/template.yaml +++ /dev/null @@ -1,32 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Description: AWS CloudWatch OAM Sink - -Parameters: - AwsOamSinkArn: - Type: String - Description: ARN of CW OAM Sink - -Conditions: - SkipSinkAccount: !Not [ - !Equals [ - !Ref AWS::AccountId, !Select [ - "4", !Split [ - ":", !Ref AwsOamSinkArn] - ] - ] - ] - - -Resources: - OamLink: - Type: AWS::Oam::Link - Condition: SkipSinkAccount - Properties: - LabelTemplate: "$AccountName" - ResourceTypes: - - AWS::CloudWatch::Metric - - AWS::Logs::LogGroup - - AWS::XRay::Trace - - AWS::ApplicationInsights::Application - - AWS::InternetMonitor::Monitor - SinkIdentifier: !Ref AwsOamSinkArn diff --git a/stacksets/cloudwatch-oam-sink/stackset.yaml b/stacksets/cloudwatch-oam-sink/stackset.yaml deleted file mode 100644 index 3a712b5..0000000 --- a/stacksets/cloudwatch-oam-sink/stackset.yaml +++ /dev/null @@ -1,42 +0,0 @@ -Metadata: - OamSink: - localTemplateFile: &oam_sink_template_body ./template.yaml - -AWSTemplateFormatVersion: '2010-09-09' -Transform: AWS::Serverless-2016-10-31 -Description: AWS account infrastructure stackset (CW oam sink) - -Parameters: - ObservabilityOu: - Type: CommaDelimitedList - Description: List of OUs - TargetRegions: - Type: CommaDelimitedList - Description: Regions to deploy to - AwsOrgId: - Type: String - -Resources: - CloudWatchOamSinkStacxkSet: - Type: AWS::CloudFormation::StackSet - Properties: - StackSetName: CloudWatchOamSink - Description: CloudWatch OAM Sink - Parameters: - - ParameterKey: AwsOrgId - ParameterValue: !Ref AwsOrgId - StackInstancesGroup: - - DeploymentTargets: - OrganizationalUnitIds: !Ref ObservabilityOu - Regions: !Ref TargetRegions - AutoDeployment: - Enabled: true - RetainStacksOnAccountRemoval: false - ManagedExecution: - Active: true - OperationPreferences: - RegionConcurrencyType: PARALLEL - FailureToleranceCount: 1 - MaxConcurrentCount: 5 - PermissionModel: SERVICE_MANAGED - TemplateBody: *oam_sink_template_body diff --git a/stacksets/cloudwatch-oam-sink/template.yaml b/stacksets/cloudwatch-oam-sink/template.yaml deleted file mode 100644 index 9540cc2..0000000 --- a/stacksets/cloudwatch-oam-sink/template.yaml +++ /dev/null @@ -1,31 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Description: AWS CloudWatch OAM Sink - -Parameters: - AwsOrgId: - Type: String - -Resources: - OamSink: - Type: AWS::Oam::Sink - Properties: - Name: OrganizationSink - Policy: - Version: '2012-10-17' - Statement: - - Effect: Allow - Principal: "*" - Resource: "*" - Action: - - "oam:CreateLink" - - "oam:UpdateLink" - Condition: - StringEquals: - aws:PrincipalOrgID: !Ref AwsOrgId - ForAllValues:StringEquals: - oam:ResourceTypes: - - AWS::CloudWatch::Metric - - AWS::Logs::LogGroup - - AWS::XRay::Trace - - AWS::ApplicationInsights::Application - - AWS::InternetMonitor::Monitor \ No newline at end of file diff --git a/template.yaml b/template.yaml index bb57eae..3445816 100644 --- a/template.yaml +++ b/template.yaml @@ -3,11 +3,13 @@ Transform: AWS::Serverless-2016-10-31 Description: AWS account observability stack Parameters: + AwsOrgId: + Type: String + AwsOrgRootId: + Type: String TargetRegions: Type: String Description: List of OUs - AwsOrgId: - Type: String ObservabilityOu: Type: String Description: OU of observability accounts @@ -16,10 +18,6 @@ Parameters: DatadogApiKey: Type: String NoEcho: 'true' - AwsOamSinkArn: - Type: String - AwsOrgRootId: - Type: String Resources: @@ -32,30 +30,3 @@ Resources: TargetRegions: !Ref TargetRegions DatadogHttpEndpointUrl: !Ref DatadogHttpEndpointUrl DatadogApiKey: !Ref DatadogApiKey - - OamSinkStackSet: - Type: AWS::Serverless::Application - Properties: - Location: "./stacksets/cloudwatch-oam-sink/stackset.yaml" - Parameters: - ObservabilityOu: !Ref ObservabilityOu - TargetRegions: !Ref TargetRegions - AwsOrgId: !Ref AwsOrgId - - OamLinkStackSet: - Type: AWS::Serverless::Application - DependsOn: OamSinkStackSet - Properties: - Location: "./stacksets/cloudwatch-oam-link/stackset.yaml" - Parameters: - AwsOrgRootId: !Ref AwsOrgRootId - TargetRegions: !Ref TargetRegions - AwsOamSinkArn: !Ref AwsOamSinkArn - - OamLinkManagementStack: - Type: AWS::Serverless::Application - DependsOn: OamSinkStackSet - Properties: - Location: "./stacksets/cloudwatch-oam-link/template.yaml" - Parameters: - AwsOamSinkArn: !Ref AwsOamSinkArn