start producing events

cfn-parameters.json

@@ -1,6 +1,8 @@
 {
     "ObservabilityOuIds": $secrets.AWS_ORG_OBSERVABILITY_OU,
+    "ObservabilityAccountId": $secrets.AWS_ORG_OBSERVABILITY_ACCOUNT,
     "OrganizationId": $secrets.AWS_ORG_ID,
     "TargetOuIds": $secrets.AWS_ORG_ROOT_ID,
-    "TargetRegions": "us-east-1"
+    "TargetRegions": "us-east-1",
+    "EventBusName": $env.EVENTBUS_NAME
 }

stacksets/cfn-event-consumers/stackset.yaml

@@ -5,12 +5,15 @@ Parameters:
   OrganizationId:
     Type: String
     Description: "ID of AWS organization"
+  EventBusName:
+    Type: String
+    Description: "Name of the event bus"
 
 Resources:
   CfnMonitoringEventBus:
     Type: "AWS::Events::EventBus"
     Properties:
-      Name: "CfnMonitoringEventBus"
+      Name: !Ref EventBusName
 
   EventBusPolicy:
     Type: "AWS::Events::EventBusPolicy"

stacksets/cfn-event-producers/stackset.yaml

@@ -0,0 +1,26 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Ship Cloudformation events to monitoring account
+
+Parameters:
+  EventBusName:
+    Type: String
+    Description: "Name of the event bus"
+  EventBusAccount:
+    Type: String
+    Description: "Account ID of the event bus"
+  EventBusRegion:
+    Type: String
+    Description: "Region of the event bus"
+
+Resources:
+  CfnEventRule:
+    Type: 'AWS::Events::Rule'
+    Properties:
+      Description: "Send CFN events to monitoring account"
+      EventPattern:
+        source:
+          - "aws.cloudformation"
+      State: "ENABLED"
+      Targets:
+        - Id: MonitoringBus
+          Arn: !Sub "arn:aws:events:${EventBusRegion}:${EventBusAccount}:event-bus/${EventBusName}"

template.yaml

@@ -4,17 +4,28 @@ Description: AWS Cloudformation Monitoring StackSets
 Metadata:
   EventConsumer:
     localTemplateFile: &event_consumer_template_body ./stacksets/cfn-event-consumers/stackset.yaml
+  EventProducer:
+    localTemplateFile: &event_producer_template_body ./stacksets/cfn-event-producers/stackset.yaml
 
 Parameters:
   ObservabilityOuIds:
     Type: CommaDelimitedList
     Description: Target deployment OU IDs
+  ObservabilityAccountId:
+    Type: String
+    Description: ID of AWS account
   OrganizationId:
     Type: String
     Description: ID of AWS organization
+  TargetOuIds:
+    Type: CommaDelimitedList
+    Description: List of OUs
   TargetRegions:
     Type: CommaDelimitedList
     Description: Target deployment region
+  EventBusName:
+    Type: String
+    Description: Name of the event bus
 
 Resources:
   CfnEventConsumerStackSet:
@@ -25,6 +36,8 @@ Resources:
       Parameters:
         - ParameterKey: OrganizationId
           ParameterValue: !Ref OrganizationId
+        - ParameterKey: EventBusName
+          ParameterValue: !Ref EventBusName
       StackInstancesGroup:
         - DeploymentTargets:
             OrganizationalUnitIds: !Ref ObservabilityOuIds
@@ -43,3 +56,33 @@ Resources:
         - CAPABILITY_IAM
       TemplateBody: *event_consumer_template_body
 
+  CfnEventProducerStackSet:
+    Type: AWS::CloudFormation::StackSet
+    Properties:
+      StackSetName: CfnMonitoringEventProducer
+      Description: CFN Monitoring Event Producer
+      Parameters:
+        - ParameterKey: EventBusName
+          ParameterValue: !Ref EventBusName
+        - ParameterKey: EventBusAccount
+          ParameterValue: !Ref ObservabilityAccountId
+        - ParameterKey: EventBusRegion
+          ParameterValue: us-east-1
+      StackInstancesGroup:
+        - DeploymentTargets:
+            OrganizationalUnitIds: !Ref TargetOuIds
+          Regions: !Ref TargetRegions
+      AutoDeployment:
+        Enabled: true
+        RetainStacksOnAccountRemoval: false
+      ManagedExecution:
+        Active: true
+      OperationPreferences:
+        RegionConcurrencyType: PARALLEL
+        FailureToleranceCount: 1
+        MaxConcurrentCount: 5
+      PermissionModel: SERVICE_MANAGED
+      Capabilities:
+        - CAPABILITY_IAM
+      TemplateBody: *event_producer_template_body
+