Document URL:
Section Number and Name:
Describe the issue:
Documentation for setting up CloudTrail and CloudWatch for getting events in CFME is missing.

CloudTrail:
Create Trail
Some Trail name
Read/Write events All
Create a new S3 bucket

CloudWatch:
Events -> Rules
Event pattern:

    {
      "source": [ "aws.ec2" ],
      "detail-type": [ "AWS API Call via CloudTrail" ],
      "detail": {
        "eventSource": [ "ec2.amazonaws.com" ]
      }
    }

And target:
Type: SNS Topic
Resource name: AWSConfig_topic
Input: Matched event

Suggestions for improvement:
Additional information:
Please assess the impact of this issue and update the severity accordingly. Please refer to https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity for a reminder on each severity's definition. If it's something like a tracker bug where it doesn't matter, please set it to Low/Low.
Assigning to Dayle for review.
Created attachment 1447359
Preview - Enabling AWS events

Hi Matouš,

Thanks for the nice instructions. :)

I managed to locate an Amazon instance to try the config on AWS; however I still have a few questions as I'm not very familiar with Amazon. Could you please review the attached preview (html file), and let me know if it looks correct to you?

A few questions:

* Would you configure events (CloudTrail/CloudWatch) *after* configuring AWS Config notifications in this procedure? https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.6/html-single/managing_providers/#enabling_aws_config_notifications
* When creating a Trail, should we select "Apply to all regions"? What does that impact?
* I've added a note about the SNS topic deletion in BZ1579771 at the end of this section. Is it important for the user to know this at the beginning of this section?

Thanks for your help,
Dayle
Hello Dayle,

there should be three CloudWatch rules - volumes, snapshots and the rest of ec2:

CloudWatch:
Events -> Rules

For EC2:
Event pattern:

    {
      "detail-type": [ "AWS API Call via CloudTrail" ],
      "detail": {
        "eventSource": [ "ec2.amazonaws.com" ]
      }
    }

For volumes:

    {
      "source": [ "aws.ec2" ],
      "detail-type": [ "EBS Volume Notification" ]
    }

For snapshots:

    {
      "source": [ "aws.ec2" ],
      "detail-type": [ "EBS Snapshot Notification" ]
    }

Targets are the same for all three of these rules:

And target:
Type: SNS Topic
Resource name: AWSConfig_topic
Input: Matched event

For the questions:

1) AWS Config notifications should be created first as the user has to select the SNS Topic target in CloudWatch rules.
2) It depends on the use case. If the customer uses more regions in cfme then it can be applied to all regions. We are using this option in our environment as we use many regions but we had to configure only one CloudTrail.

I think the rest in the html page is accurate.
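The three event patterns from the comment above, checked against sample events; this is an added example, not part of the original thread. The matcher implements only the exact-value subset of CloudWatch Events pattern matching, and the rule labels and sample events are constructed assumptions.

```python
# Added example: exact-value subset of CloudWatch Events pattern matching.
# Patterns are the three from the comment; the rule labels are hypothetical.
RULES = {
    "ec2": {"detail-type": ["AWS API Call via CloudTrail"],
            "detail": {"eventSource": ["ec2.amazonaws.com"]}},
    "volumes": {"source": ["aws.ec2"],
                "detail-type": ["EBS Volume Notification"]},
    "snapshots": {"source": ["aws.ec2"],
                  "detail-type": ["EBS Snapshot Notification"]},
}

# Constructed sample events, trimmed to the fields the patterns inspect.
API_CALL = {"source": "aws.ec2", "detail-type": "AWS API Call via CloudTrail",
            "detail": {"eventSource": "ec2.amazonaws.com",
                       "eventName": "RunInstances"}}
VOLUME = {"source": "aws.ec2", "detail-type": "EBS Volume Notification",
          "detail": {"event": "createVolume", "result": "available"}}
SNAPSHOT = {"source": "aws.ec2", "detail-type": "EBS Snapshot Notification",
            "detail": {"event": "createSnapshot", "result": "succeeded"}}
S3_CALL = {"source": "aws.s3", "detail-type": "AWS API Call via CloudTrail",
           "detail": {"eventSource": "s3.amazonaws.com",
                      "eventName": "PutObject"}}


def matches(pattern, event):
    """Every pattern key must be present; list values are OR'd alternatives."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            # Nested pattern: descend into the same key of the event.
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        else:
            values = actual if isinstance(actual, list) else [actual]
            if not any(v in expected for v in values):
                return False
    return True


def matching_rules(event):
    """Return the labels of all rules whose pattern matches the event."""
    return sorted(name for name, pat in RULES.items() if matches(pat, event))


if __name__ == "__main__":
    for label, ev in [("API call", API_CALL), ("volume", VOLUME),
                      ("snapshot", SNAPSHOT), ("S3 call", S3_CALL)]:
        print(label, "->", matching_rules(ev))
```

In these samples the EBS notifications fail the EC2 pattern on `detail-type`, so each kind of notification needs its own rule to reach the SNS topic.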
This update (along with a note for https://bugzilla.redhat.com/show_bug.cgi?id=1579771) is now published in the CloudForms 4.5 and 4.6 guides:

https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.6/html-single/managing_providers/index#amazon-provider-aws-events
https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.5/html-single/managing_providers/#amazon-provider-aws-events