Amazon CloudFormation StackSets sample templates
This section includes links to some sample Amazon CloudFormation templates that can help you use Amazon CloudFormation StackSets in your enterprise. Templates listed in this section enable Amazon CloudTrail or Amazon Config and rules within it.
Important
As a security best practice when allowing Amazon Config access to an Amazon S3 bucket, we
strongly recommend that you restrict access in the bucket policy with the
AWS:SourceAccount
condition. New templates are updated to have AWS:SourceAccount
.
If your existing bucket policy does not follow this security best practice, we
strongly recommend you edit that bucket policy to include this protection. This makes
sure that Amazon Config is granted access on behalf of expected users only.