AWS Stack Parameters for Account-Level CloudTrail
This topic covers the parameters in the CloudFormation template that provisions a single-account stack. The template creates and configures the CloudTrail event-driven pipeline that Tenable Cloud Security uses to detect configuration changes in your AWS environment.
| Parameter | Description | Default Value |
|---|---|---|
| Stack name | Name of the stack. Stack name can include letters (A-Z and a-z), numbers (0-9), and dashes (-). | tenable-log-monitor-stack |
| Cloud Events | | |
| Access token for Tenable Cloud Security | Access token that is required for the Tenable Cloud Security SNS subscription. For more information, see Generate API Tokens. | |
| EventRuleName | Name of the event rule. | TenableTrailMasterEventRule |
| SNSTopicName | SNS topic that acts as the target for event rules triggered by CloudTrail events. | TenableSNSTopic |
| CloudTrail Configuration | | |
| CreateTrail | Indicates whether CloudTrail must be created. | true |
| TrailName | Name of the trail to be created. Note: This trail is not created if the CreateTrail parameter is set to false. | AccountLevelCloudTrail |
| Enable log file validation | Indicates whether CloudTrail validates the integrity of log files. | true |
| TrailBucketName | Name of the S3 bucket where CloudTrail stores the logs. Note: To avoid namespace conflicts, the AWS account ID is suffixed to the S3 bucket name. If an S3 bucket with the same name exists within your account, delete it before creating this CloudFormation stack. | tenable-cloudtrail-bucket |
| LogGroupName | Name of the CloudWatch log group to be created. Note: The log group is not created if the CreateTrail parameter is set to false. | TenableTrailLogGroup |
| RetentionPeriod | Retention period of the CloudWatch log group, in days. | 5 |
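The following template is an added illustration, not Tenable's own stack, of how the CloudTrail Configuration parameters above map to resources: the trail, bucket and log group are created only when CreateTrail is true, the bucket name is suffixed with the account ID, log file validation is enabled, and the log group gets the RetentionPeriod. The condition name and the resource logical IDs are assumptions; the IAM role that lets CloudTrail deliver to the log group, the EventBridge rule and the SNS topic are omitted.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  CreateTrail: { Type: String, Default: "true", AllowedValues: ["true", "false"] }
  TrailName: { Type: String, Default: AccountLevelCloudTrail }
  TrailBucketName: { Type: String, Default: tenable-cloudtrail-bucket }
  LogGroupName: { Type: String, Default: TenableTrailLogGroup }
  RetentionPeriod: { Type: Number, Default: 5 }
Conditions:
  ShouldCreateTrail: !Equals [!Ref CreateTrail, "true"]
Resources:
  TrailBucket:
    Type: AWS::S3::Bucket
    Condition: ShouldCreateTrail
    Properties:
      BucketName: !Sub "${TrailBucketName}-${AWS::AccountId}"  # account ID suffix avoids S3 namespace clashes
  TrailBucketPolicy:
    Type: AWS::S3::BucketPolicy
    Condition: ShouldCreateTrail
    Properties:
      Bucket: !Ref TrailBucket
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: AWSCloudTrailAclCheck
            Effect: Allow
            Principal: { Service: cloudtrail.amazonaws.com }
            Action: s3:GetBucketAcl
            Resource: !GetAtt TrailBucket.Arn
          - Sid: AWSCloudTrailWrite
            Effect: Allow
            Principal: { Service: cloudtrail.amazonaws.com }
            Action: s3:PutObject
            Resource: !Sub "${TrailBucket.Arn}/AWSLogs/${AWS::AccountId}/*"
            Condition:
              StringEquals: { "s3:x-amz-acl": bucket-owner-full-control }
  TrailLogGroup:
    Type: AWS::Logs::LogGroup
    Condition: ShouldCreateTrail
    Properties:
      LogGroupName: !Ref LogGroupName
      RetentionInDays: !Ref RetentionPeriod  # 5 is one of the values CloudWatch accepts
  Trail:
    Type: AWS::CloudTrail::Trail
    Condition: ShouldCreateTrail
    DependsOn: TrailBucketPolicy  # CloudTrail checks the bucket policy at creation time
    Properties:
      TrailName: !Ref TrailName
      S3BucketName: !Ref TrailBucket
      IsLogging: true
      EnableLogFileValidation: true  # digest files let you detect tampered or deleted logs
```

Deploying with CreateTrail set to false creates none of these resources, which matches the notes on TrailName and LogGroupName in the table.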