CloudWatch Alarms and Event Rules: Detect and Notify on IAM Policy Changes

My Saved Presets

A CloudWatch Event Rule that detects IAM policy changes and publishes change events to an SNS topic for notification. Events include IAM policy creation/deletion/update operations as well as attaching/detaching policies from IAM users, roles or groups.

Description

EventBusName

Name

RoleArn

ScheduleExpression

State

Targets

Arn

BatchParameters

ArrayProperties

Size

JobDefinition

JobName

RetryStrategy

Attempts

DeadLetterConfig

Arn

EcsParameters

CapacityProviderStrategy

EnableECSManagedTags

EnableExecuteCommand

Group

LaunchType

NetworkConfiguration

AwsVpcConfiguration

AssignPublicIp DISABLED ENABLED
SecurityGroups

Subnets

PlacementConstraints

PlacementStrategies

PlatformVersion

PropagateTags

ReferenceId

TagList

TaskCount

TaskDefinitionArn

HttpParameters


PathParameterValues

Id

Input

InputPath

InputTransformer

InputTemplate

KinesisParameters

PartitionKeyPath

RedshiftDataParameters

Database

DbUser

SecretManagerArn

Sql

StatementName

WithEvent

RetryPolicy

MaximumEventAgeInSeconds

MaximumRetryAttempts

RoleArn

SqsParameters

MessageGroupId

CloudFormation Template