01 Run the create-topic command (OSX/Linux/UNIX) to create the Amazon SNS topic that replaces the missing SNS topic associated with your CloudTrail trail(s):
aws sns create-topic \
--name cc-cloud-trail-sns-topic
02 The command output should return the Amazon Resource Name (ARN) of the newly created SNS topic:
{
  "TopicArn": "arn:aws:sns:us-east-1:123456789012:cc-cloud-trail-sns-topic"
}
03 Run the subscribe command (OSX/Linux/UNIX) to subscribe to the Amazon SNS topic created in the previous step, using one or more email addresses as subscription endpoints:
aws sns subscribe \
--region us-east-1 \
--topic-arn arn:aws:sns:us-east-1:123456789012:cc-cloud-trail-sns-topic \
--protocol email \
--notification-endpoint alert@cloudconformity.com \
--return-subscription-arn
04 The command output should return the ARN of the new SNS subscription:
{
  "SubscriptionArn": "arn:aws:sns:us-east-1:123456789012:cc-cloud-trail-sns-topic:abcdabcd-1234-abcd-1234-abcd1234abcd"
}
05 Run the confirm-subscription command (OSX/Linux/UNIX) to confirm the new SNS subscription by validating the token sent to the subscription endpoint (i.e. your email address) specified in the previous step (the command should not produce any output):
aws sns confirm-subscription \
--region us-east-1 \
--topic-arn arn:aws:sns:us-east-1:123456789012:cc-cloud-trail-sns-topic \
--token 3468392f37fb687f5d51e6e241d7700ae02f7124d8268910b858cb4db727ceeb2474bb937929d3bdd7ce5d0cce19325d036bca58d3c217426bcafa9c501a2cac5646456gf1dd3797627467553dc438a8c974119496fc3eff026eaa5d15578ded6f9a5c43aec62d83ef5f49109da730567
06 Run the update-trail command (OSX/Linux/UNIX), using the name of the Amazon CloudTrail trail that you want to reconfigure as the identifier parameter, to attach the newly created SNS topic to the selected trail:
aws cloudtrail update-trail \
--region us-east-1 \
--name cc-main-cloud-trail \
--sns-topic-name cc-cloud-trail-sns-topic
07 The command output should return the metadata available for the reconfigured trail:
{
  "IncludeGlobalServiceEvents": true,
  "IsOrganizationTrail": false,
  "Name": "cc-main-cloud-trail",
  "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/cc-main-cloud-trail",
  "LogFileValidationEnabled": false,
  "SnsTopicARN": "arn:aws:sns:us-east-1:123456789012:cc-cloud-trail-sns-topic",
  "IsMultiRegionTrail": true,
  "S3BucketName": "aws-cloudtrail-log-bucket",
  "SnsTopicName": "cc-cloud-trail-sns-topic"
}
08 Repeat steps 1 – 7 to reconfigure any other Amazon CloudTrail trails in your AWS cloud account that have missing SNS topics.
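To find which trails step 08 applies to, and to confirm that step 07 took effect, the added example below (not part of the original page) compares the parsed JSON output of `aws cloudtrail describe-trails` with that of `aws sns list-topics`. The function names, the `example-*` trail and topic names, and the sample data are constructed for illustration.

```python
import json

def topic_region(arn):
    """Region field of an SNS topic ARN (arn:aws:sns:REGION:ACCOUNT:NAME)."""
    return arn.split(":")[3]

def audit_trails(describe_trails, topics_by_region):
    """Classify each trail by the state of its SNS topic.

    describe_trails: parsed output of `aws cloudtrail describe-trails`.
    topics_by_region: {region: parsed output of `aws sns list-topics --region R`}.
    Returns {trail name: "ok" | "missing" | "not-configured" | "unchecked"}.
    """
    existing = {
        region: {t["TopicArn"] for t in out.get("Topics", [])}
        for region, out in topics_by_region.items()
    }
    result = {}
    for trail in describe_trails.get("trailList", []):
        arn = trail.get("SnsTopicARN")
        if not arn:
            result[trail["Name"]] = "not-configured"  # no SNS delivery set on the trail
        elif topic_region(arn) not in existing:
            result[trail["Name"]] = "unchecked"       # that region's topics were not listed
        elif arn in existing[topic_region(arn)]:
            result[trail["Name"]] = "ok"
        else:
            result[trail["Name"]] = "missing"         # trail points at a topic that no longer exists
    return result

# Constructed sample data in the shape the two CLI commands return.
SAMPLE_TRAILS = json.loads("""{"trailList": [
  {"Name": "cc-main-cloud-trail",
   "SnsTopicARN": "arn:aws:sns:us-east-1:123456789012:cc-cloud-trail-sns-topic"},
  {"Name": "example-audit-trail",
   "SnsTopicARN": "arn:aws:sns:us-east-1:123456789012:example-deleted-topic"},
  {"Name": "example-quiet-trail"},
  {"Name": "example-eu-trail",
   "SnsTopicARN": "arn:aws:sns:eu-west-1:123456789012:example-eu-topic"}
]}""")
SAMPLE_TOPICS = {"us-east-1": json.loads("""{"Topics": [
  {"TopicArn": "arn:aws:sns:us-east-1:123456789012:cc-cloud-trail-sns-topic"}
]}""")}

if __name__ == "__main__":
    for name, state in audit_trails(SAMPLE_TRAILS, SAMPLE_TOPICS).items():
        print(f"{name}: {state}")
```

Because `list-topics` only returns topics owned by the calling account, a trail that publishes to a topic in another account is reported as "missing" and needs a manual check.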