SumoLogic · akhil-sumologic · Mar 9, 2026 · Mar 11, 2026 · Mar 18, 2026 · Mar 18, 2026
@@ -0,0 +1,144 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+dist/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+pip-wheel-metadata/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+.python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# Terraform
+terraform
+.terraform
+terraform.tfstate
+terraform.tfstate.backup
+.terraform.lock.hcl
+.test-data
+pkg/
+
+
+# OS stuff
+.DS_Store
+
+
+# pycharm
+.idea
@@ -43,9 +43,9 @@ Metadata:
     - benchmark
     - cloudtrail
     Name: sumologic-aws-cloudtrail-benchmark
-    LicenseUrl: s3://appdevstore/cloudtrailbenchmark/v1.0.22/cac1a6df52c685e0f6ebe4ae72078c80
-    ReadmeUrl: s3://appdevstore/cloudtrailbenchmark/v1.0.22/8a901bb4fbbe82f128fc502dd3077508
-    SemanticVersion: 1.0.22
+    LicenseUrl: s3://appdevstore/cloudtrailbenchmark/v1.0.23/cac1a6df52c685e0f6ebe4ae72078c80
+    ReadmeUrl: s3://appdevstore/cloudtrailbenchmark/v1.0.23/8a901bb4fbbe82f128fc502dd3077508
+    SemanticVersion: 1.0.23
     SourceCodeUrl: https://github.com/SumoLogic/sumologic-aws-lambda/tree/main/cloudtrailbenchmark
 Parameters:
   CollectorName:
@@ -70,12 +70,13 @@ Parameters:
     - ch
     - de
     - eu
+    - esc
     - fed
     - jp
     - kr
     - us1
     - us2
-    Description: Enter au, ca, ch, de, eu, fed, jp, kr, us1 or us2
+    Description: Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2
   RemoveSumoResourcesOnDeleteStack:
     AllowedValues:
     - true
@@ -141,7 +142,8 @@ Resources:
         Statement:
         - Effect: Allow
           Principal:
-            AWS: arn:aws:iam::926226587429:root
+            AWS:
+              Fn::Sub: arn:${AWS::Partition}:iam::926226587429:root
           Action: sts:AssumeRole
           Condition:
             StringEquals:
@@ -161,11 +163,11 @@ Resources:
             - s3:ListBucket
             Resource:
             - Fn::Sub:
-              - arn:aws:s3:::${CloudTrailTargetS3BucketName}
+              - arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}
               - S3bucketName:
                   Ref: CloudTrailTargetS3BucketName
             - Fn::Sub:
-              - arn:aws:s3:::${CloudTrailTargetS3BucketName}/*
+              - arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}/*
               - S3bucketName:
                   Ref: CloudTrailTargetS3BucketName
     Metadata:
@@ -184,14 +186,14 @@ Resources:
             Service: cloudtrail.amazonaws.com
           Action: s3:GetBucketAcl
           Resource:
-          - Fn::Sub: arn:aws:s3:::${CloudTrailTargetS3BucketName}
+          - Fn::Sub: arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}
         - Sid: AWSCloudTrailWrite
           Effect: Allow
           Principal:
             Service: cloudtrail.amazonaws.com
           Action: s3:PutObject
           Resource:
-          - Fn::Sub: arn:aws:s3:::${CloudTrailTargetS3BucketName}/*
+          - Fn::Sub: arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}/*
           Condition:
             StringEquals:
               s3:x-amz-acl: bucket-owner-full-control
@@ -201,7 +203,7 @@ Resources:
             Service: cloudtrail.amazonaws.com
           Action: s3:ListBucket
           Resource:
-          - Fn::Sub: arn:aws:s3:::${CloudTrailTargetS3BucketName}
+          - Fn::Sub: arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}
     DependsOn:
     - TargetS3Bucket
     Metadata:
@@ -285,7 +287,7 @@ Resources:
                 Ref: AWS::AccountId
             ArnLike:
               aws:SourceArn:
-                Fn::Sub: arn:aws:s3:::${CloudTrailTargetS3BucketName}
+                Fn::Sub: arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}
           Effect: Allow
           Principal:
             AWS: '*'

@@ -49,7 +49,7 @@ Metadata:
     Name: sumologic-aws-cloudtrail-benchmark
     LicenseUrl: ./LICENSE
     ReadmeUrl: ./README.md
-    SemanticVersion: 1.0.22
+    SemanticVersion: 1.0.23
     SourceCodeUrl: https://github.com/SumoLogic/sumologic-aws-lambda/tree/main/cloudtrailbenchmark
 
 
@@ -76,12 +76,13 @@ Parameters:
       - ch
       - de
       - eu
+      - esc
       - fed
       - jp
       - kr
       - us1
       - us2
-    Description: "Enter au, ca, ch, de, eu, fed, jp, kr, us1 or us2"
+    Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2"
   RemoveSumoResourcesOnDeleteStack:
     AllowedValues:
       - true
@@ -137,7 +138,7 @@ Resources:
         Statement:
           - Effect: Allow
             Principal:
-              AWS: arn:aws:iam::926226587429:root
+              AWS: !Sub "arn:${AWS::Partition}:iam::926226587429:root"
             Action: sts:AssumeRole
             Condition:
               StringEquals:
@@ -157,10 +158,10 @@ Resources:
               - s3:ListBucket
               Resource:
                 - !Sub
-                  - arn:aws:s3:::${CloudTrailTargetS3BucketName}
+                  - arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}
                   - { S3bucketName: !Ref CloudTrailTargetS3BucketName }
                 - !Sub
-                  - arn:aws:s3:::${CloudTrailTargetS3BucketName}/*
+                  - arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}/*
                   - { S3bucketName: !Ref CloudTrailTargetS3BucketName  }
 
   SumoCloudTrailExportPolicy:
@@ -176,14 +177,14 @@ Resources:
               Service: cloudtrail.amazonaws.com
             Action: s3:GetBucketAcl
             Resource:
-              - !Sub "arn:aws:s3:::${CloudTrailTargetS3BucketName}"
+              - !Sub "arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}"
           - Sid: AWSCloudTrailWrite
             Effect: Allow
             Principal:
               Service: cloudtrail.amazonaws.com
             Action: s3:PutObject
             Resource:
-              - !Sub "arn:aws:s3:::${CloudTrailTargetS3BucketName}/*"
+              - !Sub "arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}/*"
             Condition:
               StringEquals:
                 s3:x-amz-acl: bucket-owner-full-control
@@ -193,7 +194,7 @@ Resources:
               Service: cloudtrail.amazonaws.com
             Action: s3:ListBucket
             Resource:
-              - !Sub "arn:aws:s3:::${CloudTrailTargetS3BucketName}"
+              - !Sub "arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}"
 
     DependsOn:
       - TargetS3Bucket
@@ -262,7 +263,7 @@ Resources:
               StringEquals:
                 aws:SourceAccount: !Ref AWS::AccountId
               ArnLike:
-                aws:SourceArn: !Sub "arn:aws:s3:::${CloudTrailTargetS3BucketName}"
+                aws:SourceArn: !Sub "arn:${AWS::Partition}:s3:::${CloudTrailTargetS3BucketName}"
             Effect: Allow
             Principal:
               AWS: "*"

@@ -35,12 +35,13 @@ Parameters:
       - ch
       - de
       - eu
+      - esc
       - fed
       - jp
       - kr
       - us1
       - us2
-    Description: "Enter au, ca, ch, de, eu, fed, jp, kr, us1 or us2"
+    Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2"
   RemoveSumoResourcesOnDeleteStack:
     AllowedValues:
     - true

@@ -12,7 +12,7 @@ else
 fi
 uid=$(cat /dev/random | LC_CTYPE=C tr -dc "[:lower:]" | head -c 6)
 
-version="1.0.22"
+version="1.0.23"
 
 sam package --template-file template.yaml --s3-bucket $SAM_S3_BUCKET  --output-template-file packaged.yaml --s3-prefix "cloudtrailbenchmark/v$version" --region $AWS_REGION --profile $AWS_PROFILE
 

@@ -108,7 +108,9 @@
                 "Type": "AWS::IAM::Role",
                 "Properties": {
                     "ManagedPolicyArns": [
-                        "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+                        {
+                          "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+                        }
                     ],
                     "AssumeRolePolicyDocument": {
                         "Version": "2012-10-17",

@@ -11,7 +11,7 @@ else
     AWS_REGION="us-east-2"
 fi
 
-version="1.0.19"
+version="1.0.20"
 
 echo "Creating package.yaml"
 sam package --template-file template_v2.yaml --s3-bucket $SAM_S3_BUCKET  --output-template-file packaged.yaml --s3-prefix "guarddutybenchmark/v"$version --region $AWS_REGION --profile $AWS_PROFILE

@@ -53,8 +53,8 @@ Metadata:
     - benchmark
     - guardduty
     Name: sumologic-guardduty-benchmark
-    LicenseUrl: s3://appdevstore/guarddutybenchmark/v1.0.19/6092dd6c323e33634657102f570628e0
-    ReadmeUrl: s3://appdevstore/guarddutybenchmark/v1.0.19/cab012d7fb7887671b751e6f5c0d2062
+    LicenseUrl: s3://appdevstore/guarddutybenchmark/v1.0.20/6092dd6c323e33634657102f570628e0
+    ReadmeUrl: s3://appdevstore/guarddutybenchmark/v1.0.20/cab012d7fb7887671b751e6f5c0d2062
     SemanticVersion: 1.0.19
     SourceCodeUrl: https://github.com/SumoLogic/sumologic-aws-lambda/tree/main/cloudwatchevents/guarddutybenchmark
     SpdxLicenseId: Apache-2.0
@@ -81,12 +81,13 @@ Parameters:
     - ch
     - de
     - eu
+    - esc
     - fed
     - jp
     - kr
     - us1
     - us2
-    Description: Enter au, ca, ch, de, eu, fed, jp, kr, us1 or us2
+    Description: Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2
   RemoveSumoResourcesOnDeleteStack:
     AllowedValues:
     - true
@@ -98,7 +99,7 @@ Parameters:
 Resources:
   CloudWatchEventFunction:
     Properties:
-      CodeUri: s3://appdevstore/guarddutybenchmark/v1.0.19/22b7b226ca9ec3b9dbb28b94c0e5f824
+      CodeUri: s3://appdevstore/guarddutybenchmark/v1.0.20/22b7b226ca9ec3b9dbb28b94c0e5f824
       Environment:
         Variables:
           SUMO_ENDPOINT: