Skip to content
/ lambda-cloudtrail-restartlogging Public

This Lambda function Start Logging Cloud Trail if it Stopped Logging and sends logs to CloudWatch Log group.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SofiaNeogalaxy/lambda-cloudtrail-restartlogging

BranchesTags

Repository files navigation

AWS Lambda Function to Start CloudTrail Logging if Stopped

This Lambda function Start Logging Cloud Trail if it Stopped Logging and sends logs to CloudWatch Log group.

Usage

  1. Create a new lambda function:

  • Runtime: Python 3.7
  • Architecture: x86_64
  • Permissions:Create new role and attach this policy lambda-policy.json

  1. Create Amazon EventBridge Rule with an event pattern

Event pattern -> AWS services -> CloudTrail -> AWS API Call via CloudTrail -> Specific operation(s) -> StopLogging ->Target types -> AWS service -> Lambda function

  1. In Lambda console add lambda functione code lambda-trail-logs.py to Code editor.

  2. Test and Deploy.

Note

This Lambda function Start Logging any existing CloudTrail which stopped logging, if you want to specify trail add

def lambda_handler(event, context):
    name = 'TRAIL_ARN'

and than in Lambda console add in Configuration -> Enviroment variables -> Key:TRAIL_ARN ->Value: arn of your trail.

Also you can specify trail in your Lambda role policy Resource.

About

This Lambda function Start Logging Cloud Trail if it Stopped Logging and sends logs to CloudWatch Log group.

Topics

lambda lambda-functions cloudtrail cloudtrail-logs eventbridge

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages