Use the cloudtrail.json template to setup CloudTrail across all regions.

• CloudTrail: records AWS API calls
• S3: object storage
• CloudWatch Logs: search and monitor your logs

1. Download the template cloudtrail.json
2. Open AWS CloudFormation within the Management Console: https://console.aws.amazon.com/cloudformation.
3. Create a new stack by clicking on the Create Stack button.
4. Select Upload a template to Amazon S3 and upload the template cloudtrail.json.
5. Click Next to proceed with the next step of the wizard.
6. Specify a name and all parameters for the stack.
7. Click Next to proceed with the next step of the wizard.
8. Click Next to skip the Options step of the wizard.
9. Check the I acknowledge that this template might cause AWS CloudFormation to create IAM resources. checkbox.
10. Click Create to start the creation of the stack.
11. Wait until the stack reaches the state CREATE_COMPLETE

Use the account-password-policy.json template to create a account password policy for your IAM users.

• IAM: Identity & Access Management
• Lambda: Used to implement the custom resource in the CloudFormation template

1. Download the template account-password-policy.json
2. Open AWS CloudFormation within the Management Console: https://console.aws.amazon.com/cloudformation.
3. Create a new stack by clicking on the Create Stack button.
4. Select Upload a template to Amazon S3 and upload the template account-password-policy.json.
5. Click Next to proceed with the next step of the wizard.
6. Specify a name and all parameters for the stack.
7. Click Next to proceed with the next step of the wizard.
8. Click Next to skip the Options step of the wizard.
9. Check the I acknowledge that this template might cause AWS CloudFormation to create IAM resources. checkbox.
10. Click Create to start the creation of the stack.
11. Wait until the stack reaches the state CREATE_COMPLETE

Do you need help? Mail to team@widdix.de.