An EventBridge (CloudWatch Events) rule that matches CloudTrail-recorded network ACL API calls in the current region and publishes them to an SNS topic for e-mail notification. Because the rule consumes "AWS API Call via CloudTrail" events, a CloudTrail trail must be recording management events in that region for it to fire.
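AWSTemplateFormatVersion: "2010-09-09"
Description: >-
  EventBridge (CloudWatch Events) rule that matches CloudTrail-recorded changes to
  EC2 network ACLs and publishes them to an SNS topic for e-mail notification.

# Operational notes:
#   - The rule matches "AWS API Call via CloudTrail" events, so it only fires while
#     a CloudTrail trail is recording management (write) events in this region.
#     Without such a trail the stack deploys cleanly but never notifies.
#   - EC2 API calls are regional: deploy this stack in every region that holds
#     network ACLs (or forward events to a central event bus).
#   - The rule name and topic name are fixed, so only one copy of this stack can
#     exist per account and region.
#   - The e-mail subscription must be confirmed by the recipient before anything is
#     delivered; CloudFormation does not wait for that confirmation.

Parameters:
  NotificationEmail:
    Type: String
    Default: "email@example.com"
    Description: "E-mail address that receives network ACL change notifications."
    # Loose sanity check only; SNS validates the address when it subscribes it.
    AllowedPattern: "^[^@]+@[^@]+\\.[^@]+$"
    ConstraintDescription: "Must be a single e-mail address."

Resources:
  # The eventName list is the set of NACL-mutating EC2 calls; it matches the
  # network-ACL-change filter used by the CIS AWS Foundations Benchmark.
  EventRule:
    Type: "AWS::Events::Rule"
    Properties:
      Name: "detect-network-acl-changes"
      Description: "A CloudWatch Event Rule that detects changes to network ACLs and publishes change events to an SNS topic for notification."
      State: "ENABLED"
      EventPattern:
        # `source` narrows matching to EC2-originated CloudTrail events before the
        # detail fields are inspected.
        source:
          - "aws.ec2"
        detail-type:
          - "AWS API Call via CloudTrail"
        detail:
          eventSource:
            - "ec2.amazonaws.com"
          eventName:
            - "CreateNetworkAcl"
            - "CreateNetworkAclEntry"
            - "DeleteNetworkAcl"
            - "DeleteNetworkAclEntry"
            - "ReplaceNetworkAclEntry"
            - "ReplaceNetworkAclAssociation"
      Targets:
        - Arn:
            Ref: "SnsTopicEventRule"
          Id: "target-id1"

  SnsTopicEventRule:
    Type: "AWS::SNS::Topic"
    Properties:
      TopicName: "event-rule-action"
      # No KmsMasterKeyId is set, so the topic is not encrypted at rest. If you add
      # one, the key policy must also let events.amazonaws.com use the key
      # (kms:GenerateDataKey / kms:Decrypt) or EventBridge will be unable to
      # publish.
      Subscription:
        - Protocol: "email"
          Endpoint:
            Ref: "NotificationEmail"

  SnsTopicPolicyEventRule:
    Type: "AWS::SNS::TopicPolicy"
    Properties:
      Topics:
        - Ref: "SnsTopicEventRule"
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          # Same statement AWS attaches to a new topic by default: the wildcard
          # principal is scoped to this account by aws:SourceOwner. It grants more
          # than an alert topic needs (DeleteTopic, SetTopicAttributes,
          # AddPermission, ...); trim it if the account's IAM policies already give
          # operators what they require.
          - Sid: "__default_statement_ID"
            Effect: "Allow"
            Principal:
              AWS: "*"
            Action:
              - "SNS:GetTopicAttributes"
              - "SNS:SetTopicAttributes"
              - "SNS:AddPermission"
              - "SNS:RemovePermission"
              - "SNS:DeleteTopic"
              - "SNS:Subscribe"
              - "SNS:ListSubscriptionsByTopic"
              - "SNS:Publish"
              - "SNS:Receive"
            Resource:
              Ref: "SnsTopicEventRule"
            Condition:
              StringEquals:
                AWS:SourceOwner:
                  Ref: "AWS::AccountId"
          # Lets EventBridge deliver matched events. The aws:SourceArn condition pins
          # the grant to this rule so an EventBridge rule in another account cannot
          # use the shared service principal to publish into this topic (cross-service
          # confused deputy). NOTE(review): this relies on EventBridge supplying
          # aws:SourceArn for SNS targets; if notifications stop after deploying,
          # fall back to a StringEquals aws:SourceAccount condition on the account ID.
          - Sid: "TrustCWEToPublishEventsToMyTopic"
            Effect: "Allow"
            Principal:
              Service: "events.amazonaws.com"
            Action: "sns:Publish"
            Resource:
              Ref: "SnsTopicEventRule"
            Condition:
              ArnEquals:
                aws:SourceArn:
                  Fn::GetAtt:
                    - "EventRule"
                    - "Arn"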