Closed Bug 1476691 Opened 6 years ago Closed 6 years ago

Update CloudTrail configuration in AWS account servo 849642146520

Categories

(Infrastructure & Operations :: SRE, task)

task
Not set
normal

Tracking

(Not tracked)

VERIFIED FIXED

People

(Reporter: gene, Assigned: edunham)

References

Details

Emily,
  Would you update the CloudTrail configuration in the

servo 849642146520

account as it's misconfigured?

Please 

1. Tear down the "DeployCloudTrailCloudFormationStacks" CloudFormation stack in us-west-2
2. Browse to AWS CloudFormation in any region, for example us-west-2
3. Click Create Stack
4. Under "Choose a template" select Specify an Amazon S3 template URL
    Enter this URL : https://s3.amazonaws.com/infosec-cloudformation-templates/configure_cloudtrail_to_use_mozilla_secure_storage_globally.json
5. In the "Stack name" field enter MozillaGlobalSecureCloudTrailStorage and click Next
6. On the "Options" screen click Next
7. On the "Review" screen click Create

This will continue sending CloudTrail logs to the same bucket, but it will
* switch to using the new[1] (Dec 2015) multi region cloudtrail model
* switch to sending SNS notifications to the correct topic

More information on this system can be round here[2]

[1]: https://aws.amazon.com/blogs/aws/aws-cloudtrail-update-turn-on-in-all-regions-use-multiple-trails/
[2]: https://mana.mozilla.org/wiki/display/SECURITY/AWS+Secure+CloudTrail+Storage+System
Does this belong under the Audio/Video component?
Flags: needinfo?(edunham)
No. Making a guess for the component here, please double check.
Component: Audio/Video → Infrastructure: AWS
Product: Core → Infrastructure & Operations
QA Contact: cshields
Followed the steps in comment 0.
Status: NEW → RESOLVED
Closed: 6 years ago
Flags: needinfo?(edunham)
Resolution: --- → FIXED
Excellent! Checked it and it looks good, thanks :jdm
Status: RESOLVED → VERIFIED
See Also: → 1526073
You need to log in before you can comment on or make changes to this bug.