diff --git a/aws_quickstart/datadog_agentless_delegate_role.yaml b/aws_quickstart/datadog_agentless_delegate_role.yaml index 760d4287..199ee64e 100644 --- a/aws_quickstart/datadog_agentless_delegate_role.yaml +++ b/aws_quickstart/datadog_agentless_delegate_role.yaml @@ -22,15 +22,11 @@ Parameters: DatadogSite: Type: String - Description: The Datadog site to use for the Datadog Agentless Scanner + Description: >- + The Datadog site to use for the Datadog Agentless Scanner. + Allowed values: datadoghq.com, datadoghq.eu, us3.datadoghq.com, us5.datadoghq.com, + ap1.datadoghq.com, ap2.datadoghq.com. Default: datadoghq.com - AllowedValues: - - datadoghq.com - - datadoghq.eu - - us3.datadoghq.com - - us5.datadoghq.com - - ap1.datadoghq.com - - ap2.datadoghq.com AgentlessVulnerabilityScanning: Type: String diff --git a/aws_quickstart/datadog_agentless_delegate_role_stackset.yaml b/aws_quickstart/datadog_agentless_delegate_role_stackset.yaml index 0065d311..89c3c382 100644 --- a/aws_quickstart/datadog_agentless_delegate_role_stackset.yaml +++ b/aws_quickstart/datadog_agentless_delegate_role_stackset.yaml @@ -26,15 +26,11 @@ Parameters: DatadogSite: Type: String - Description: The Datadog site to use for the Datadog Agentless Scanner + Description: >- + The Datadog site to use for the Datadog Agentless Scanner. + Allowed values: datadoghq.com, datadoghq.eu, us3.datadoghq.com, us5.datadoghq.com, + ap1.datadoghq.com, ap2.datadoghq.com. Default: datadoghq.com - AllowedValues: - - datadoghq.com - - datadoghq.eu - - us3.datadoghq.com - - us5.datadoghq.com - - ap1.datadoghq.com - - ap2.datadoghq.com AgentlessVulnerabilityScanning: Type: String diff --git a/aws_quickstart/datadog_agentless_scanning.yaml b/aws_quickstart/datadog_agentless_scanning.yaml index 70ea0cb7..838ed1ab 100644 --- a/aws_quickstart/datadog_agentless_scanning.yaml +++ b/aws_quickstart/datadog_agentless_scanning.yaml @@ -61,15 +61,11 @@ Parameters: DatadogSite: Type: String - Description: The Datadog site to use for the Datadog Agentless Scanner + Description: >- + The Datadog site to use for the Datadog Agentless Scanner. + Allowed values: datadoghq.com, datadoghq.eu, us3.datadoghq.com, us5.datadoghq.com, + ap1.datadoghq.com, ap2.datadoghq.com. Default: datadoghq.com - AllowedValues: - - datadoghq.com - - datadoghq.eu - - us3.datadoghq.com - - us5.datadoghq.com - - ap1.datadoghq.com - - ap2.datadoghq.com ScannerVPCId: Type: String diff --git a/aws_quickstart/datadog_integration_api_call_v2.yaml b/aws_quickstart/datadog_integration_api_call_v2.yaml index 7a0ee488..cb17ffaf 100644 --- a/aws_quickstart/datadog_integration_api_call_v2.yaml +++ b/aws_quickstart/datadog_integration_api_call_v2.yaml @@ -16,15 +16,10 @@ Parameters: DatadogSite: Type: String Default: datadoghq.com - Description: Define your Datadog Site to send data to. - AllowedValues: - - datadoghq.com - - datadoghq.eu - - us3.datadoghq.com - - us5.datadoghq.com - - ap1.datadoghq.com - - ap2.datadoghq.com - - ddog-gov.com + Description: >- + Define your Datadog Site to send data to. + Allowed values: datadoghq.com, datadoghq.eu, us3.datadoghq.com, us5.datadoghq.com, + ap1.datadoghq.com, ap2.datadoghq.com, ddog-gov.com (GovCloud). IAMRoleName: Description: >- The name of the IAM role created for Datadog's use. diff --git a/aws_quickstart/main_extended.yaml b/aws_quickstart/main_extended.yaml index 1874b3ac..3ce68af4 100644 --- a/aws_quickstart/main_extended.yaml +++ b/aws_quickstart/main_extended.yaml @@ -32,15 +32,10 @@ Parameters: DatadogSite: Type: String Default: datadoghq.com - Description: Define your Datadog Site to send data to. - AllowedValues: - - datadoghq.com - - datadoghq.eu - - us3.datadoghq.com - - us5.datadoghq.com - - ap1.datadoghq.com - - ap2.datadoghq.com - - ddog-gov.com + Description: >- + Define your Datadog Site to send data to. + Allowed values: datadoghq.com, datadoghq.eu, us3.datadoghq.com, us5.datadoghq.com, + ap1.datadoghq.com, ap2.datadoghq.com, ddog-gov.com (GovCloud). IAMRoleName: Description: Customize the name of IAM role for Datadog AWS integration Type: String @@ -162,6 +157,10 @@ Conditions: Fn::Equals: - !Ref DisableResourceCollection - false + IsStaging: + Fn::Equals: + - !Ref DatadogSite + - datad0g.com EnableAgentlessScanning: Fn::And: - Fn::Not: @@ -243,18 +242,21 @@ Resources: IAMRoleName: !Ref IAMRoleName ResourceCollectionPermissions: !If [ResourceCollectionPermissions, true, false] DdAWSAccountId: !If - - IsAP1 - - "417141415827" + - IsStaging + - "727006795293" - !If - - IsAP2 - - "412381753143" + - IsAP1 + - "417141415827" - !If - - IsGov + - IsAP2 + - "412381753143" - !If - - IsAWSGovCloud - - "065115117704" - - "392588925713" - - "464622532012" + - IsGov + - !If + - IsAWSGovCloud + - "065115117704" + - "392588925713" + - "464622532012" # The Lambda function to ship logs from S3 and CloudWatch, custom metrics and traces from Lambda functions to Datadog # https://github.com/DataDog/datadog-serverless-functions/tree/master/aws/logs_monitoring ForwarderStack: diff --git a/aws_quickstart/main_extended_workflow.yaml b/aws_quickstart/main_extended_workflow.yaml index c768f92a..adb0f8d2 100644 --- a/aws_quickstart/main_extended_workflow.yaml +++ b/aws_quickstart/main_extended_workflow.yaml @@ -42,15 +42,10 @@ Parameters: DatadogSite: Type: String Default: datadoghq.com - Description: Define your Datadog Site to send data to. - AllowedValues: - - datadoghq.com - - datadoghq.eu - - us3.datadoghq.com - - us5.datadoghq.com - - ap1.datadoghq.com - - ap2.datadoghq.com - - ddog-gov.com + Description: >- + Define your Datadog Site to send data to. + Allowed values: datadoghq.com, datadoghq.eu, us3.datadoghq.com, us5.datadoghq.com, + ap1.datadoghq.com, ap2.datadoghq.com, ddog-gov.com (GovCloud). IAMRoleName: Description: Customize the name of IAM role for Datadog AWS integration Type: String @@ -220,6 +215,10 @@ Conditions: Fn::And: - Condition: NoForwarder - Condition: NoAgentlessScanning + IsStaging: + Fn::Equals: + - !Ref DatadogSite + - datad0g.com IsAP1: Fn::Equals: - !Ref DatadogSite @@ -448,18 +447,21 @@ Resources: IAMRoleName: !Ref IAMRoleName ResourceCollectionPermissions: !If [ResourceCollectionPermissions, true, false] DdAWSAccountId: !If - - IsAP1 - - "417141415827" + - IsStaging + - "727006795293" - !If - - IsAP2 - - "412381753143" + - IsAP1 + - "417141415827" - !If - - IsGov + - IsAP2 + - "412381753143" - !If - - IsAWSGovCloud - - "065115117704" - - "392588925713" - - "464622532012" + - IsGov + - !If + - IsAWSGovCloud + - "065115117704" + - "392588925713" + - "464622532012" # Step 3: Notify IAM role creation finished NotifyIAMRoleCreationFinished: diff --git a/aws_quickstart/main_v2.yaml b/aws_quickstart/main_v2.yaml index 88bba2cb..f33e16cd 100644 --- a/aws_quickstart/main_v2.yaml +++ b/aws_quickstart/main_v2.yaml @@ -19,15 +19,10 @@ Parameters: DatadogSite: Type: String Default: datadoghq.com - Description: Define your Datadog Site to send data to. - AllowedValues: - - datadoghq.com - - datadoghq.eu - - us3.datadoghq.com - - us5.datadoghq.com - - ap1.datadoghq.com - - ap2.datadoghq.com - - ddog-gov.com + Description: >- + Define your Datadog Site to send data to. + Allowed values: datadoghq.com, datadoghq.eu, us3.datadoghq.com, us5.datadoghq.com, + ap1.datadoghq.com, ap2.datadoghq.com, ddog-gov.com (GovCloud). IAMRoleName: Description: Customize the name of IAM role for Datadog AWS integration Type: String @@ -96,6 +91,10 @@ Conditions: Fn::Equals: - !Ref DisableResourceCollection - false + IsStaging: + Fn::Equals: + - !Ref DatadogSite + - datad0g.com IsAP1: Fn::Equals: - !Ref DatadogSite @@ -136,18 +135,21 @@ Resources: IAMRoleName: !Ref IAMRoleName ResourceCollectionPermissions: !If [ResourceCollectionPermissions, true, false] DdAWSAccountId: !If - - IsAP1 - - "417141415827" + - IsStaging + - "727006795293" - !If - - IsAP2 - - "412381753143" + - IsAP1 + - "417141415827" - !If - - IsGov + - IsAP2 + - "412381753143" - !If - - IsAWSGovCloud - - "065115117704" - - "392588925713" - - "464622532012" + - IsGov + - !If + - IsAWSGovCloud + - "065115117704" + - "392588925713" + - "464622532012" # The Lambda function to ship logs from S3 and CloudWatch, custom metrics and traces from Lambda functions to Datadog # https://github.com/DataDog/datadog-serverless-functions/tree/master/aws/logs_monitoring ForwarderStack: diff --git a/aws_quickstart/main_workflow.yaml b/aws_quickstart/main_workflow.yaml index fd8b7519..66905027 100644 --- a/aws_quickstart/main_workflow.yaml +++ b/aws_quickstart/main_workflow.yaml @@ -29,15 +29,10 @@ Parameters: DatadogSite: Type: String Default: datadoghq.com - Description: Define your Datadog Site to send data to. - AllowedValues: - - datadoghq.com - - datadoghq.eu - - us3.datadoghq.com - - us5.datadoghq.com - - ap1.datadoghq.com - - ap2.datadoghq.com - - ddog-gov.com + Description: >- + Define your Datadog Site to send data to. + Allowed values: datadoghq.com, datadoghq.eu, us3.datadoghq.com, us5.datadoghq.com, + ap1.datadoghq.com, ap2.datadoghq.com, ddog-gov.com (GovCloud). IAMRoleName: Description: Customize the name of IAM role for Datadog AWS integration Type: String @@ -85,6 +80,10 @@ Conditions: Fn::Equals: - !Ref DisableResourceCollection - false + IsStaging: + Fn::Equals: + - !Ref DatadogSite + - datad0g.com IsAP1: Fn::Equals: - !Ref DatadogSite @@ -308,18 +307,21 @@ Resources: IAMRoleName: !Ref IAMRoleName ResourceCollectionPermissions: !If [ResourceCollectionPermissions, true, false] DdAWSAccountId: !If - - IsAP1 - - "417141415827" + - IsStaging + - "727006795293" - !If - - IsAP2 - - "412381753143" + - IsAP1 + - "417141415827" - !If - - IsGov + - IsAP2 + - "412381753143" - !If - - IsAWSGovCloud - - "065115117704" - - "392588925713" - - "464622532012" + - IsGov + - !If + - IsAWSGovCloud + - "065115117704" + - "392588925713" + - "464622532012" # Step 3: Notify IAM role creation finished NotifyIAMRoleCreationFinished: diff --git a/aws_quickstart/version.txt b/aws_quickstart/version.txt index 08cb5402..d1444549 100644 --- a/aws_quickstart/version.txt +++ b/aws_quickstart/version.txt @@ -1 +1 @@ -v4.7.1 +v4.7.2