CloudWatch Alarms and Event Rules

Detect and Notify on Network Changes

An Amazon EventBridge (formerly CloudWatch Events) rule that matches CloudTrail records of EC2 API calls which change network configuration (internet and customer gateways, route tables and routes, DHCP option sets) and forwards each matching event to an SNS topic with an e-mail subscription. The rule only sees API calls made in the region where it is deployed, and a CloudTrail trail that records management events must exist in the account for these events to reach EventBridge at all. Read-only Describe* calls and changes to other VPC components (VPCs, peering connections, NAT gateways, transit gateways, security groups) are not in the eventName list and produce no notification.

Items: 3
Size: 2.4 KB

AWSTemplateFormatVersion: "2010-09-09"
Description: "EventBridge rule that forwards CloudTrail records of EC2 network-configuration changes to an SNS topic."
Resources:
  EventRule:
    Type: "AWS::Events::Rule"
    Properties:
      Name: "detect-network-changes"
      Description: "A CloudWatch Event Rule that detects changes to network configuration and publishes change events to an SNS topic for notification."
      State: "ENABLED"
      Targets:
        - Arn:
            Ref: "SnsTopicEventRule"   # Ref on an AWS::SNS::Topic returns the topic ARN
          Id: "target-id1"
      # Only CloudTrail management events from the EC2 API with one of the listed
      # eventName values match. errorCode is not part of the pattern, so denied or
      # failed attempts are reported as well as successful changes.
      EventPattern:
        detail-type:
          - "AWS API Call via CloudTrail"
        detail:
          eventSource:
            - "ec2.amazonaws.com"
          eventName:
            # Internet gateways and customer gateways
            - "AttachInternetGateway"
            - "CreateCustomerGateway"
            - "CreateInternetGateway"
            - "DeleteCustomerGateway"
            - "DeleteInternetGateway"
            - "DetachInternetGateway"
            # Route tables and routes
            - "AssociateRouteTable"
            - "CreateRoute"
            - "CreateRouteTable"
            - "DeleteRoute"
            - "DeleteRouteTable"
            - "DisassociateRouteTable"
            - "ReplaceRoute"
            - "ReplaceRouteTableAssociation"
            # DHCP option sets
            - "DeleteDhcpOptions"
  SnsTopicEventRule:
    Type: "AWS::SNS::Topic"
    Properties:
      Subscription:
        # Placeholder address: replace it before deploying. SNS sends a
        # confirmation e-mail and delivers nothing until it is confirmed.
        - Endpoint: "email@example.com"
          Protocol: "email"
      TopicName: "event-rule-action"
  SnsTopicPolicyEventRule:
    Type: "AWS::SNS::TopicPolicy"
    Properties:
      PolicyDocument:
        Statement:
          # AWS's default topic policy: management and publish rights for
          # principals in the owning account only (AWS:SourceOwner condition).
          - Sid: "__default_statement_ID"
            Effect: "Allow"
            Principal:
              AWS: "*"
            Action:
              - "SNS:GetTopicAttributes"
              - "SNS:SetTopicAttributes"
              - "SNS:AddPermission"
              - "SNS:RemovePermission"
              - "SNS:DeleteTopic"
              - "SNS:Subscribe"
              - "SNS:ListSubscriptionsByTopic"
              - "SNS:Publish"
              - "SNS:Receive"
            Resource:
              Ref: "SnsTopicEventRule"
            Condition:
              StringEquals:
                AWS:SourceOwner:
                  Ref: "AWS::AccountId"
          # Lets EventBridge deliver the rule's events to the topic. As written
          # it accepts publishes from the EventBridge service on behalf of any
          # account that knows the topic ARN; adding an aws:SourceAccount or
          # aws:SourceArn condition narrows it (re-test delivery afterwards).
          - Sid: "TrustCWEToPublishEventsToMyTopic"
            Effect: "Allow"
            Principal:
              Service: "events.amazonaws.com"
            Action: "sns:Publish"
            Resource:
              Ref: "SnsTopicEventRule"
      Topics:
        - Ref: "SnsTopicEventRule"
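To see which API calls the rule above would actually forward, the following added example (not part of the template or of the catalog that publishes it) transcribes its EventPattern into Python, implements the exact-match subset of EventBridge pattern semantics the rule relies on, and runs it over a few constructed CloudTrail records. The user name, source IP and region in the sample events are made up; the envelope field names follow the real "AWS API Call via CloudTrail" event shape.

```python
"""Added example: evaluate the detect-network-changes EventPattern against
constructed CloudTrail records the way EventBridge would, to see which API
calls would reach the SNS topic.  Not part of the original template."""
import json

# The EventPattern from the template, transcribed as a Python dict.
NETWORK_CHANGE_PATTERN = {
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["ec2.amazonaws.com"],
        "eventName": [
            "AttachInternetGateway", "AssociateRouteTable",
            "CreateCustomerGateway", "CreateInternetGateway",
            "CreateRoute", "CreateRouteTable",
            "DeleteCustomerGateway", "DeleteInternetGateway",
            "DeleteRoute", "DeleteRouteTable", "DeleteDhcpOptions",
            "DetachInternetGateway", "DisassociateRouteTable",
            "ReplaceRoute", "ReplaceRouteTableAssociation",
        ],
    },
}


def matches(pattern, event):
    """EventBridge exact-match semantics for the constructs this rule uses:
    every key in the pattern must be present in the event, a list in the
    pattern means 'the event's value is one of these', and a nested dict
    recurses.  Event fields the pattern does not mention (errorCode,
    userIdentity, requestParameters, ...) are ignored."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        elif isinstance(expected, list):
            if actual not in expected:
                return False
        else:
            raise ValueError(f"unsupported pattern construct under {key!r}")
    return True


def cloudtrail_event(event_name, event_source="ec2.amazonaws.com", error_code=None):
    """Constructed EventBridge envelope for a CloudTrail management event.
    Field names follow the real envelope; identity, IP and region are
    made-up sample values."""
    detail = {
        "eventVersion": "1.08",
        "eventSource": event_source,
        "eventName": event_name,
        "awsRegion": "us-east-1",
        "userIdentity": {"type": "IAMUser", "userName": "alice"},
        "sourceIPAddress": "198.51.100.10",
    }
    if error_code:
        detail["errorCode"] = error_code  # present only when the call failed
    return {
        "version": "0",
        "detail-type": "AWS API Call via CloudTrail",
        "source": "aws." + event_source.split(".")[0],
        "region": "us-east-1",
        "detail": detail,
    }


def triage(events):
    """Return (eventName, would_notify) for each event."""
    return [(e["detail"]["eventName"], matches(NETWORK_CHANGE_PATTERN, e))
            for e in events]


def pattern_json():
    """The pattern as JSON, usable with `aws events test-event-pattern --event-pattern`."""
    return json.dumps(NETWORK_CHANGE_PATTERN)


# Constructed sample traffic: a real change, a read-only call, a denied
# attempt, a network change the list does not cover, and a non-EC2 call.
SAMPLE_EVENTS = [
    cloudtrail_event("CreateRoute"),
    cloudtrail_event("DescribeRouteTables"),
    cloudtrail_event("AttachInternetGateway", error_code="Client.UnauthorizedOperation"),
    cloudtrail_event("CreateVpcPeeringConnection"),
    cloudtrail_event("CreateBucket", event_source="s3.amazonaws.com"),
]

if __name__ == "__main__":
    for name, hit in triage(SAMPLE_EVENTS):
        print(f"{name:28} {'-> SNS' if hit else 'ignored'}")
```

Two results are worth noting. The denied AttachInternetGateway attempt is forwarded because the pattern never inspects errorCode, which is usually what you want from a change-detection rule. The CreateVpcPeeringConnection call is silently dropped, so if peering, NAT gateways or transit gateway attachments matter in your environment, extend the eventName list. The same check can be repeated against the live service with `aws events test-event-pattern`, passing `pattern_json()` as the pattern and one of the sample events as the event.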
