Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BLEA 2.0.0 does not be supported organization trails in Control Tower landing zone version 3.0 #61

Closed
toshitanaa opened this issue Aug 3, 2022 · 2 comments
Closed

BLEA 2.0.0 does not be supported organization trails in Control Tower landing zone version 3.0 #61

toshitanaa opened this issue Aug 3, 2022 · 2 comments

Comments

@toshitanaa
Copy link
Contributor

toshitanaa commented Aug 3, 2022
edited
Loading

Describe issue

BLEA 2.0.0 does not be supported organization trails in Control Tower landing zone version 3.0

AWS Control Tower landing zone version 3.0 includes the following updates:

BLEA 2.0.0 (latest) assumes the previous ControlTower version specification and is written as follows.

// Security Alarms
// !!! Need to setup SecurityHub, GuardDuty manually on Organizations Management account
// AWS Config and CloudTrail are set up by ControlTower

// CloudWatch LogGroup Name for CloudTrail - Created by ControlTower for each account
const cloudTrailLogGroupName = 'aws-controltower/CloudTrailLogs';

const secAlarm = new BLEASecurityAlarmStack(app, `${pjPrefix}-SecurityAlarm`, {
  notifyEmail: envVals['securityNotifyEmail'],
  cloudTrailLogGroupName: cloudTrailLogGroupName,
  env: getProcEnv(),
});

A reproducible test case or series of steps

Control Tower landing zone version 3.0
Enable the option to choose organization-level AWS CloudTrail trails.
Deploy to Multiaccount environment

The version of our code being used

BLEA v.2.0.0
Control Tower landing zone version 3.0

Any modifications you've made relevant to the bug

none

Anything unusual about your environment or deployment

none
@konokenj
Copy link
Contributor

konokenj commented Aug 4, 2022

Thank you for your reporting. We're planning to fix this.

@ohmurayu
Copy link
Contributor

ohmurayu commented Sep 6, 2022

Thank you for feedback. We has resolved this with #70 .
We changed default environment to LZ3.0 with CloudTrail support, and add document so you can handle LZ 2.9 and before.

@ohmurayu ohmurayu closed this as completed Sep 6, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ohmurayu @toshitanaa @konokenj