CloudWatch Alarms and Event Rules: Detect and Notify on KMS CMK Operations

My Saved Presets

A CloudWatch Event Rule that detects KMS Customer Master Key (CMK) changes and publishes change events to an SNS topic for notification. Events include key creation, deletion, or key enabling/disabling operations, imported key material operations, as well as updates to CMK key policies.

Description

EventBusName

Name

RoleArn

ScheduleExpression

State

Targets

Arn

BatchParameters

ArrayProperties

Size

JobDefinition

JobName

RetryStrategy

Attempts

DeadLetterConfig

Arn

EcsParameters

CapacityProviderStrategy

EnableECSManagedTags

EnableExecuteCommand

Group

LaunchType

NetworkConfiguration

AwsVpcConfiguration

AssignPublicIp DISABLED ENABLED
SecurityGroups

Subnets

PlacementConstraints

PlacementStrategies

PlatformVersion

PropagateTags

ReferenceId

TagList

TaskCount

TaskDefinitionArn

HttpParameters


PathParameterValues

Id

Input

InputPath

InputTransformer

InputTemplate

KinesisParameters

PartitionKeyPath

RedshiftDataParameters

Database

DbUser

SecretManagerArn

Sql

StatementName

WithEvent

RetryPolicy

MaximumEventAgeInSeconds

MaximumRetryAttempts

RoleArn

SqsParameters

MessageGroupId

CloudFormation Template