From 936ef3b2eec55b1367459a489cc376ea8f582e7a Mon Sep 17 00:00:00 2001 From: Leo Singer Date: Fri, 9 Aug 2024 14:33:36 -0400 Subject: [PATCH] Revert "Enable audit logs" --- service.ts | 24 +++--------------------- 1 file changed, 3 insertions(+), 21 deletions(-) diff --git a/service.ts b/service.ts index 89049be..d9d4ddd 100644 --- a/service.ts +++ b/service.ts @@ -36,7 +36,7 @@ export function cloudformationResources({ } return { - OpenSearchApplicationLogGroup: { + OpenSearchLogGroup: { Type: 'AWS::Logs::LogGroup', Properties: { LogGroupName: { @@ -45,15 +45,6 @@ export function cloudformationResources({ }, }, }, - OpenSearchAuditLogGroup: { - Type: 'AWS::Logs::LogGroup', - Properties: { - LogGroupName: { - 'Fn::Sub': - '/aws/OpenSearchService/stacks/${AWS::StackName}/audit-logs', - }, - }, - }, OpenSearchLogPolicy: { Type: 'AWS::Logs::ResourcePolicy', Properties: { @@ -67,10 +58,7 @@ export function cloudformationResources({ Effect: 'Allow', Principal: { Service: 'es.amazonaws.com' }, Action: ['logs:PutLogEvents', 'logs:CreateLogStream'], - Resource: [ - { 'Fn::GetAtt': ['OpenSearchAuditLogGroup', 'Arn'] }, - { 'Fn::GetAtt': ['OpenSearchApplicationLogGroup', 'Arn'] }, - ], + Resource: { 'Fn::GetAtt': ['OpenSearchLogGroup', 'Arn'] }, }, ], }, @@ -110,15 +98,9 @@ export function cloudformationResources({ EncryptionAtRestOptions: { Enabled: true }, IPAddressType: 'dualstack', LogPublishingOptions: { - AUDIT_LOGS: { - CloudWatchLogsLogGroupArn: { - 'Fn::GetAtt': ['OpenSearchAuditLogGroup', 'Arn'], - }, - Enabled: true, - }, ES_APPLICATION_LOGS: { CloudWatchLogsLogGroupArn: { - 'Fn::GetAtt': ['OpenSearchApplicationLogGroup', 'Arn'], + 'Fn::GetAtt': ['OpenSearchLogGroup', 'Arn'], }, Enabled: true, },