fix(event-bridge): Add state in AWS::Events::Rule (SSPROD-34618) (#113)

* Add state to event bridge rule

* add state also in cspm EB case

* add EventBridgeState as parameters

templates_cspm_eventbridge/FullInstall.yaml

@@ -12,6 +12,7 @@ Metadata:
  - TrustedIdentity
  - EventBusARN
  - EventBridgeRoleName
+ - EventBridgeState
 
  ParameterLabels:
  RoleName:
@@ -24,6 +25,8 @@ Metadata:
  default: "Target Event Bus (Sysdig use only)"
  EventBridgeRoleName:
  default: "Integration Name (Sysdig use only)"
+ EventBridgeState:
+ default: "State of the EventBridge Rule (Sysdig use only)"
 
 
 Parameters:
@@ -42,6 +45,14 @@ Parameters:
  EventBusARN:
  Type: String
  Description: The destination in Sysdig's AWS account where your events are sent
+ EventBridgeState:
+ Type: String
+ Description: The state of the EventBridge Rule
+ Default: ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ AllowedValues:
+ - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ - ENABLED
+ - DISABLED
 
 Resources:
  CloudAgentlessRole:
@@ -96,6 +107,7 @@ Resources:
  - 'AWS API Call via CloudTrail'
  - 'AWS Console Sign In via CloudTrail'
  - 'AWS Service Event via CloudTrail'
+ State: !Ref EventBridgeState
  Targets:
  - Id: !Ref EventBridgeRoleName
  Arn: !Ref EventBusARN

templates_cspm_eventbridge/OrgFullInstall.yaml

@@ -13,6 +13,7 @@ Metadata:
  - EventBusARN
  - Regions
  - OrganizationUnitIDs
+ - EventBridgeState
  ParameterLabels:
  CSPMRoleName:
  default: "CSPM Role Name (Sysdig use only)"
@@ -27,7 +28,9 @@ Metadata:
  Regions:
  default: "EventBridge Regions (Sysdig use only)"
  OrganizationUnitIDs:
- default: "Organization Unit IDs (Sysdig use only)" 
+ default: "Organization Unit IDs (Sysdig use only)"
+ EventBridgeState:
+ default: "State of the EventBridge Rule (Sysdig use only)" 
 Parameters:
  CSPMRoleName:
  Type: String
@@ -50,6 +53,14 @@ Parameters:
  OrganizationUnitIDs:
  Type: String
  Description: Organization Unit IDs to deploy
+ EventBridgeState:
+ Type: String
+ Description: The state of the EventBridge Rule
+ Default: ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ AllowedValues:
+ - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ - ENABLED
+ - DISABLED
 
 Resources:
  AdministrationRole:
@@ -176,7 +187,7 @@ Resources:
  Description: A unique identifier used to create an IAM Role and EventBridge Rule
  EventBusARN:
  Type: String
- Description: The destination in Sysdig's AWS account where your events are sent  
+ Description: The destination in Sysdig's AWS account where your events are sent 
  Resources:
  CloudAgentlessRole:
  Type: "AWS::IAM::Role"
@@ -237,6 +248,8 @@ Resources:
  ParameterValue: !Ref EventBridgeRoleName
  - ParameterKey: EventBusARN
  ParameterValue: !Ref EventBusARN
+ - ParameterKey: EventBridgeState
+ ParameterValue: !Ref EventBridgeState
  StackInstancesGroup:
  - DeploymentTargets:
  OrganizationalUnitIds: !Split [ ",", !Ref OrganizationUnitIDs]
@@ -250,7 +263,15 @@ Resources:
  Description: A unique identifier used to create an IAM Role and EventBridge Rule
  EventBusARN:
  Type: String
- Description: The destination in Sysdig's AWS account where your events are sent 
+ Description: The destination in Sysdig's AWS account where your events are sent 
+ EventBridgeState:
+ Type: String
+ Description: The state of the EventBridge Rule
+ Default: ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ AllowedValues:
+ - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ - ENABLED
+ - DISABLED 
  Resources: 
  EventBridgeRule:
  Type: "AWS::Events::Rule"
@@ -262,6 +283,7 @@ Resources:
  - 'AWS API Call via CloudTrail'
  - 'AWS Console Sign In via CloudTrail'
  - 'AWS Service Event via CloudTrail'
+ State: !Sub ${EventBridgeState}
  Targets:
  - Id: !Sub ${EventBridgeRoleName}
  Arn: !Sub ${EventBusARN}
@@ -290,6 +312,8 @@ Resources:
  ParameterValue: !Ref EventBridgeRoleName
  - ParameterKey: EventBusARN
  ParameterValue: !Ref EventBusARN
+ - ParameterKey: EventBridgeState
+ ParameterValue: !Ref EventBridgeState
  StackInstancesGroup:
  - DeploymentTargets:
  Accounts:
@@ -304,7 +328,15 @@ Resources:
  Description: A unique identifier used to create an IAM Role and EventBridge Rule
  EventBusARN:
  Type: String
- Description: The destination in Sysdig's AWS account where your events are sent 
+ Description: The destination in Sysdig's AWS account where your events are sent
+ EventBridgeState:
+ Type: String
+ Description: The state of the EventBridge Rule
+ Default: ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ AllowedValues:
+ - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ - ENABLED
+ - DISABLED 
  Resources: 
  EventBridgeRule:
  Type: "AWS::Events::Rule"
@@ -316,6 +348,7 @@ Resources:
  - 'AWS API Call via CloudTrail'
  - 'AWS Console Sign In via CloudTrail'
  - 'AWS Service Event via CloudTrail'
+ State: !Sub ${EventBridgeState}
  Targets:
  - Id: !Sub ${EventBridgeRoleName}
  Arn: !Sub ${EventBusARN}

templates_eventbridge/EventBridge.yaml

@@ -21,6 +21,8 @@ Metadata:
  default: "Target Event Bus (Sysdig use only)"
  EventBridgeRoleName:
  default: "Integration Name (Sysdig use only)"
+ EventBridgeState:
+ default: "State of the EventBridge Rule (Sysdig use only)"
 
 Parameters:
  EventBridgeRoleName:
@@ -35,6 +37,14 @@ Parameters:
  EventBusARN:
  Type: String
  Description: The destination in Sysdig's AWS account where your events are sent
+ EventBridgeState:
+ Type: String
+ Description: The state of the EventBridge Rule
+ Default: ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ AllowedValues:
+ - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ - ENABLED
+ - DISABLED
 
 Resources:
  EventBridgeRole:
@@ -72,6 +82,7 @@ Resources:
  - 'AWS API Call via CloudTrail'
  - 'AWS Console Sign In via CloudTrail'
  - 'AWS Service Event via CloudTrail'
+ State: !Ref EventBridgeState
  Targets:
  - Id: !Ref EventBridgeRoleName
  Arn: !Ref EventBusARN

templates_eventbridge/OrgEventBridge.yaml

@@ -13,6 +13,7 @@ Metadata:
  - EventBusARN
  - Regions
  - OrganizationUnitIDs
+ - EventBridgeState
  ParameterLabels:
  CSPMRoleName:
  default: "CSPM Role Name (Sysdig use only)" 
@@ -28,6 +29,8 @@ Metadata:
  default: "EventBridge Regions (Sysdig use only)"
  OrganizationUnitIDs:
  default: "Organization Unit IDs (Sysdig use only)"
+ EventBridgeState:
+ default: "State of the EventBridge Rule (Sysdig use only)"
 Parameters:
  CSPMRoleName:
  Type: String
@@ -50,6 +53,15 @@ Parameters:
  OrganizationUnitIDs:
  Type: String
  Description: Comma separated list of Organization Unit IDs to deploy
+ EventBridgeState:
+ Type: String
+ Description: The state of the EventBridge Rule
+ Default: ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ AllowedValues:
+ - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ - ENABLED
+ - DISABLED
+
 Resources:
  AdministrationRole:
  Type: AWS::IAM::Role
@@ -153,7 +165,9 @@ Resources:
  - ParameterKey: EventBridgeRoleName
  ParameterValue: !Ref EventBridgeRoleName
  - ParameterKey: EventBusARN
- ParameterValue: !Ref EventBusARN 
+ ParameterValue: !Ref EventBusARN
+ - ParameterKey: EventBridgeState
+ ParameterValue: !Ref EventBridgeState 
  StackInstancesGroup:
  - DeploymentTargets:
  Accounts: 
@@ -168,7 +182,15 @@ Resources:
  Description: A unique identifier used to create an IAM Role and EventBridge Rule
  EventBusARN:
  Type: String
- Description: The destination in Sysdig's AWS account where your events are sent 
+ Description: The destination in Sysdig's AWS account where your events are sent
+ EventBridgeState:
+ Type: String
+ Description: The state of the EventBridge Rule
+ Default: ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ AllowedValues:
+ - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ - ENABLED
+ - DISABLED 
  Resources: 
  EventBridgeRule:
  Type: "AWS::Events::Rule"
@@ -180,6 +202,7 @@ Resources:
  - 'AWS API Call via CloudTrail'
  - 'AWS Console Sign In via CloudTrail'
  - 'AWS Service Event via CloudTrail'
+ State: !Sub ${EventBridgeState}
  Targets:
  - Id: !Sub ${EventBridgeRoleName}
  Arn: !Sub ${EventBusARN}
@@ -268,7 +291,9 @@ Resources:
  - ParameterKey: EventBridgeRoleName
  ParameterValue: !Ref EventBridgeRoleName
  - ParameterKey: EventBusARN
- ParameterValue: !Ref EventBusARN 
+ ParameterValue: !Ref EventBusARN
+ - ParameterKey: EventBridgeState
+ ParameterValue: !Ref EventBridgeState 
  StackInstancesGroup:
  - DeploymentTargets:
  OrganizationalUnitIds: !Split [ ",", !Ref OrganizationUnitIDs]
@@ -282,7 +307,15 @@ Resources:
  Description: A unique identifier used to create an IAM Role and EventBridge Rule
  EventBusARN:
  Type: String
- Description: The destination in Sysdig's AWS account where your events are sent 
+ Description: The destination in Sysdig's AWS account where your events are sent
+ EventBridgeState:
+ Type: String
+ Description: The state of the EventBridge Rule
+ Default: ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ AllowedValues:
+ - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
+ - ENABLED
+ - DISABLED 
  Resources: 
  EventBridgeRule:
  Type: "AWS::Events::Rule"
@@ -294,6 +327,7 @@ Resources:
  - 'AWS API Call via CloudTrail'
  - 'AWS Console Sign In via CloudTrail'
  - 'AWS Service Event via CloudTrail'
+ State: !Sub ${EventBridgeState}
  Targets:
  - Id: !Sub ${EventBridgeRoleName}
  Arn: !Sub ${EventBusARN}