Add shortcode

content/en/security/cloud_security_management/setup/cloudtrail_logs.md

@@ -13,9 +13,9 @@ To use AWS CloudTrail Logs with CSM Identity Risks, ensure that [Cloud SIEM][2]
 
 Complete the setup by installing the AWS integration and configuring log ingestion for AWS CloudTrail:
 
-## Set up AWS integration
+## Set up AWS integration using CloudFormation
 
-If you haven't already, set up the AWS integration.
+{{% cloud-siem-aws-setup-cloudformation %}}
 
 ## Enable AWS CloudTrail logging
 

content/en/security/cloud_siem/guide/aws-config-guide-for-cloud-siem.md

@@ -37,19 +37,7 @@ This guide walks you through the following steps so that you can start detecting
 
 ## Set up AWS integration using CloudFormation
 
-1. Go to Datadog's [AWS integration tile][2] to install the integration.
-2. Click **Automatically Using CloudFormation**. If there is already an AWS account set up, click **Add Another Account** first.
-3. Select the AWS Region where the CloudFormation stack will be launched.
-4. Select or create the Datadog API Key used to send data from your AWS account to Datadog.
-5. Select **Yes** for *Send Logs to Datadog*. This sets up the Datadog Lambda Forwarder to be used later for sending AWS CloudTrail logs to Datadog.
-6. Click **Launch CloudFormation Template**. This opens the AWS Console and loads the CloudFormation stack with the parameters filled in based on your selections in the prior Datadog form. 
-
-    **Note:** The `DatadogAppKey` parameter enables the CloudFormation stack to make API calls to Datadog to add and edit the Datadog configuration for this AWS account. The key is automatically generated and tied to your Datadog account. 
-
-7. Check the required boxes from AWS and click **Create stack**.
-8. After the CloudFormation stack is created, go back to the AWS integration tile in Datadog and click **Ready!**
-
-See [Getting Started with AWS][3] for more information about Datadog's AWS integration and CloudFormation template. See [AWS manual setup instructions][4] if you need to set up the AWS integration manually.
+{{% cloud-siem-aws-setup-cloudformation %}}
 
 ## Enable AWS CloudTrail logging 
 
@@ -75,9 +63,6 @@ Since Cloud SIEM applies detection rules to all processed logs, see the [in-app
 {{< partial name="whats-next/whats-next.html" >}}
 
 [1]: https://app.datadoghq.com/security?query=%40workflow.rule.type%3A%22Log%20Detection%22
-[2]: https://app.datadoghq.com/account/settings#integrations/amazon-web-services
-[3]: https://docs.datadoghq.com/getting_started/integrations/aws/
-[4]: https://docs.datadoghq.com/integrations/amazon_web_services/?tab=roledelegation#manual
 [9]: https://app.datadoghq.com/security?query=%40workflow.rule.type%3A%28%22Log%20Detection%22%29%20&column=time&order=desc&product=siem
 [10]: /security/cloud_siem/investigate_security_signals
 [11]: https://app.datadoghq.com/dash/integration/30459/aws-cloudtrail

layouts/shortcodes/cloud-siem-aws-cloudtrail-enable.md

@@ -1,10 +1,10 @@
 Enable AWS CloudTrail logging so that logs are sent to a S3 bucket. If you already have this setup, skip to [Send AWS CloudTrail logs to Datadog](#send-aws-cloudtrail-logs-to-datadog).
 
 1. Click **Create trail** on the [CloudTrail dashboard][100].
-2. Enter in the name for your trail.
+2. Enter a name for your trail.
 3. Create a new S3 bucket or use an existing S3 bucket to store the CloudTrail logs. 
-4. Create a new AWS KMS key or use an existing AWS KMS key. Click **Next**.
-5. Leave the event type with the default management read and write events, or choose additional event types you want to send to Datadog. Click **Next**.
+4. Create a new AWS KMS key or use an existing AWS KMS key, then click **Next**.
+5. Leave the event type with the default management read and write events, or choose additional event types you want to send to Datadog, then click **Next**.
 6. Review and click **Create trail**.
 
 [100]: https://console.aws.amazon.com/cloudtrail/home

layouts/shortcodes/cloud-siem-aws-setup-cloudformation.md

@@ -0,0 +1,20 @@
+1. Go to Datadog's [AWS integration tile][102] to install the integration.
+2. Click **Automatically Using CloudFormation**. If there is already an AWS account set up, click **Add Another Account** first.
+3. Select the AWS Region where the CloudFormation stack will be launched.
+4. Select or create the Datadog API Key used to send data from your AWS account to Datadog.
+5. Select **Yes** for *Send Logs to Datadog* to set up the Datadog Lambda Forwarder to be used later for sending AWS CloudTrail logs to Datadog.
+6. Click **Launch CloudFormation Template**. This opens the AWS Console and loads the CloudFormation stack with the parameters filled in based on your selections in the Datadog form. 
+
+    **Note:** The `DatadogAppKey` parameter enables the CloudFormation stack to make API calls to Datadog, allowing it to add and edit the configuration for this AWS account. The key is automatically generated and tied to your Datadog account. 
+
+7. Check the required boxes from AWS and click **Create stack**.
+8. After the CloudFormation stack is created, return to the AWS integration tile in Datadog and click **Ready!**
+
+**Notes**:
+
+- For more information about Datadog's AWS integration and CloudFormation template, see [Getting Started with AWS][103].
+- If you need to set up the AWS integration manually, see [AWS manual setup instructions][104].
+
+[102]: https://app.datadoghq.com/account/settings#integrations/amazon-web-services
+[103]: https://docs.datadoghq.com/getting_started/integrations/aws/
+[104]: https://docs.datadoghq.com/integrations/amazon_web_services/?tab=roledelegation#manual