A CloudWatch Event Rule that detects IAM policy changes and publishes change events to an SNS topic for notification.

 
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  # The original template left the target ARN empty ("missing parameter").
  # It is now a stack parameter: pass the ARN of an existing SNS topic at
  # deploy time. The topic's resource policy must allow events.amazonaws.com
  # to call sns:Publish, or deliveries will fail silently.
  SnsTopicArn:
    Type: String
    Description: ARN of the SNS topic that receives the IAM change notifications
Resources:
  EventRule:
    Type: 'AWS::Events::Rule'
    Properties:
      Name: detect-iam-policy-changes
      Description: >-
        A CloudWatch Event Rule that detects IAM policy changes and publishes
        change events to an SNS topic for notification.
      State: ENABLED
      EventPattern:
        # Match only CloudTrail API-call events from IAM whose eventName is one
        # of the policy or access-key mutations listed below. IAM is a global
        # service, so CloudTrail delivers these events in us-east-1; deploy the
        # rule there.
        detail-type:
          - AWS API Call via CloudTrail
        detail:
          eventSource:
            - iam.amazonaws.com
          eventName:
            - CreateAccessKey
            - DeleteAccessKey
            - DeleteRolePolicy
            - DeleteUserPolicy
            - PutGroupPolicy
            - PutRolePolicy
            - PutUserPolicy
            - CreatePolicy
            - DeletePolicy
            - CreatePolicyVersion
            - DeletePolicyVersion
            - AttachRolePolicy
            - DetachRolePolicy
            - AttachUserPolicy
            - DetachUserPolicy
            - AttachGroupPolicy
            - DetachGroupPolicy
      Targets:
        - Arn: !Ref SnsTopicArn
          Id: target-id1
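The following is an added example, not part of the catalogue template: an offline matcher for the subset of the EventBridge event-pattern language the rule above uses (nested keys whose values are lists of literal strings), run over constructed CloudTrail events so you can check which IAM calls the rule would forward to the SNS topic before deploying it. The `IAM_CHANGE_PATTERN` dict is the template's `EventPattern` written as JSON; the sample events, the `matches` and `forwarded_event_names` functions and the `example-user` identity are assumptions made for the example.

```python
"""Offline check of the IAM-change event pattern against sample CloudTrail events.

Added example: the pattern below is the one from the template; everything else
(matcher, sample events) is constructed for illustration.
"""
import json

# The template's EventPattern, as the JSON object EventBridge evaluates.
IAM_CHANGE_PATTERN = {
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["iam.amazonaws.com"],
        "eventName": [
            "CreateAccessKey", "DeleteAccessKey",
            "DeleteRolePolicy", "DeleteUserPolicy",
            "PutGroupPolicy", "PutRolePolicy", "PutUserPolicy",
            "CreatePolicy", "DeletePolicy",
            "CreatePolicyVersion", "DeletePolicyVersion",
            "AttachRolePolicy", "DetachRolePolicy",
            "AttachUserPolicy", "DetachUserPolicy",
            "AttachGroupPolicy", "DetachGroupPolicy",
        ],
    },
}


def matches(pattern, event):
    """Return True if `event` satisfies `pattern` under EventBridge semantics
    for literal patterns: every key in the pattern must exist in the event; a
    list means "the event value equals one of these"; a nested dict recurses.
    Keys the pattern does not mention (e.g. `source`, `region`) are unconstrained.
    """
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        elif isinstance(expected, list):
            if actual not in expected:
                return False
        else:
            raise ValueError(f"unsupported pattern value for {key!r}: {expected!r}")
    return True


def cloudtrail_event(event_name, event_source="iam.amazonaws.com"):
    """Construct a minimal CloudTrail-via-EventBridge envelope (sample data)."""
    return {
        "version": "0",
        "detail-type": "AWS API Call via CloudTrail",
        "source": "aws.iam",
        "region": "us-east-1",  # IAM is global; CloudTrail reports it here
        "detail": {
            "eventSource": event_source,
            "eventName": event_name,
            "userIdentity": {"type": "IAMUser", "userName": "example-user"},
        },
    }


def forwarded_event_names(events):
    """eventName of every event the rule would forward to its SNS target."""
    return [e["detail"]["eventName"] for e in events if matches(IAM_CHANGE_PATTERN, e)]


# Constructed sample stream: two IAM policy changes, one IAM call the rule
# ignores, one S3 policy change, and a console sign-in (different detail-type).
SAMPLE_EVENTS = [
    cloudtrail_event("PutUserPolicy"),       # inline policy written: forwarded
    cloudtrail_event("AttachRolePolicy"),    # managed policy attached: forwarded
    cloudtrail_event("CreateUser"),          # not in eventName list: dropped
    cloudtrail_event("PutBucketPolicy", "s3.amazonaws.com"),  # wrong source: dropped
    {
        "detail-type": "AWS Console Sign In via CloudTrail",
        "detail": {"eventSource": "signin.amazonaws.com", "eventName": "ConsoleLogin"},
    },
]

if __name__ == "__main__":
    print(json.dumps(forwarded_event_names(SAMPLE_EVENTS)))
```

Running the script prints `["PutUserPolicy", "AttachRolePolicy"]`: the matcher confirms the rule is keyed on `eventSource` and `eventName` only, so an unlisted IAM call such as `CreateUser` is not reported even though it is security-relevant. Extend the `eventName` list in the template if you want those covered as well.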
