
CloudWatch alarm for IAM Policies changes doesn't work – Amazon Web Services

I'm just trying to create a fully functional alarm that will change state if any IAM Policies changes are made.

Create an S3 bucket for CloudTrail logs.
Create a trail in CloudTrail.
Add a metric filter:

{($.eventName=DeleteGroupPolicy)||($.eventName=DeleteRolePolicy)||($.eventName=DeleteUserPolicy)||($.eventName=PutGroupPolicy)||($.eventName=PutRolePolicy)||($.eventName=PutUserPolicy)||($.eventName=CreatePolicy)||($.eventName=DeletePolicy)||($.eventName=CreatePolicyVersion)||($.eventName=DeletePolicyVersion)||($.eventName=AttachRolePolicy)||($.eventName=DetachRolePolicy)||($.eventName=AttachUserPolicy)||($.eventName=DetachUserPolicy)||($.eventName=AttachGroupPolicy)||($.eventName=DetachGroupPolicy)}

Create Alarm for this…
