...
PolicyName: It should be a unique policy name that has not been used previously to assign the policy to 'ACNMDRCrossAccountRole'. Recommended PolicyNames - CrossAccountPolicyFor<S3BucketName> or CrossAccountPolicyFor<SQSName> or CrossAccountPolicyFor<LogGroupName>
S3BucketARN: ARN of the S3 bucket from which logs are going to be collected. S3BucketARN is also required if LoggingResource is 'SQS'. Example Values - arn:aws:s3:::<BucketName> or arn:aws:s3:::<BucketName>/<PrefixPath>/. (Note: Keep S3BucketARN blank in case of 'CloudWatchLogs')
SQSOrCloudWatchLogGroupARN: Provide SQS or CloudWatchLogGroup ARN as per LoggingResource selection, SQSOrCloudWatchLogGroupARN required in case of LoggingResource is 'SQS' or 'CloudWatchLogs', (note: Keep SQSOrCloudWatchLogGroupARN blank if LoggingResource is 'S3Bucket')
S3KMSKeyARN: Provide KMS Key ARN used to encrypt S3 Bucket (Note: Value required in case LoggingResource 'S3Bucket' or 'SQS' and s3 Bucket is encrypted)
SQSKMSKeyARN: Provide KMS Key ARN used to encrypt SQS (Note: Value required in case LoggingResource 'SQS' and sqs queue is encrypted)
SQSOrCloudWatchLogKMSKeyARN: Provide KMS Key ARN used to encrypt SQS queue or CloudWatch log group as per selected LoggingResource (Note: Value required in case of LoggingResource is 'SQS' or 'CloudWatchLog' and SQS queue or CloudWatch log group is encrypted)
c. Click on Next
...
7. In the Configure stack option, Add Tags and Permissions required as per the organization standards and nomenclature, or keep it unchanged and click on the Next button.
...
8. On the Review page, review the details of your stack, Please acknowledge the acknowledgment by clicking on the checkbox and click on Create stack button.
...
9. While your stack is being created, it would appear on the Stacks page with status as CREATE_IN_PROGRESS, after some time the status will change to CREATE_COMPLETE
...