You must be logged in to view saved presets
Internet Gateway Changes Alarm
A CloudWatch Alarm that triggers when changes are made to an Internet Gateway in a VPC.
Prerequisites: This Alarm requires CloudTrail enabled, with events sent to a CloudWatch Log Group. See Related Configuration Items for configuration to enable CloudTrail/CloudWatch, or enter the CloudWatch Log Group name under the Metric Filter Configuration section.Items
3
Size
1.3 KB
Missing Parameters
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
SnsTopicMetricFilterCloudWatchAlarm:
Type: 'AWS::SNS::Topic'
Properties:
Subscription:
- Endpoint: email@example.com
Protocol: email
TopicName: alarm-action
CloudWatchAlarm:
Type: 'AWS::CloudWatch::Alarm'
Properties:
AlarmName: igw_changes
AlarmDescription: A CloudWatch Alarm that triggers when changes are made to an Internet Gateway in a VPC.
MetricName: GatewayEventCount
Namespace: CloudTrailMetrics
Statistic: Sum
Period: '300'
EvaluationPeriods: '1'
Threshold: '1'
ComparisonOperator: GreaterThanOrEqualToThreshold
AlarmActions:
- Ref: SnsTopicMetricFilterCloudWatchAlarm
TreatMissingData: notBreaching
MetricFilterCloudWatchAlarm:
Type: 'AWS::Logs::MetricFilter'
Properties:
LogGroupName: ''
FilterPattern: '{ ($.eventName = CreateCustomerGateway) || ($.eventName = DeleteCustomerGateway) || ($.eventName = AttachInternetGateway) || ($.eventName = CreateInternetGateway) || ($.eventName = DeleteInternetGateway) || ($.eventName = DetachInternetGateway) }'
MetricTransformations:
- MetricValue: '1'
MetricNamespace: CloudTrailMetrics
MetricName: GatewayEventCount
Parameters: {}
Metadata: {}
Conditions: {}
Actions
Customize Template
* Required field
© 2025 asecurecloud. All rights reserved.