Cloudwatch: Notify IAM changes made to my AWS account – Let us Discuss
Recently, one of our customers created an Amazon CloudWatch Events rule to be notified of IAM changes in their account.
However, the rule was not triggering when those changes were made.
Here, at Bobcares, we assist our customers with several AWS queries as part of our AWS Support Services.
Today, let us see how we can notify the IAM change made to our AWS account.
Cloudwatch: Notify IAM changes made to my AWS account
Initially, we need to create a CloudWatch Events rule with a custom event pattern. The rule triggers whenever specific IAM API calls are recorded by CloudTrail.
Then, we route the matched event to an Amazon Simple Notification Service (SNS) topic so that we receive a notification.
To do so, our Support Techs recommend the below steps:
Before we begin, we need to ensure the CloudWatch Events rule is created in the US East (N. Virginia) Region, because IAM is a global service and its CloudTrail events are delivered there.
In addition, an AWS CloudTrail trail must be enabled in the same Region as the CloudWatch Events rule; without a trail, no API call events reach the rule.
This is what allows the rule to send notifications to an SNS topic or an Amazon Simple Queue Service (SQS) queue.
Then we make sure the trail’s management events are configured as Write-only or All, since CreateUser and DeleteUser are write operations.
For example, here our Support Techs show an event pattern that triggers a notification when CreateUser and DeleteUser API calls are made in the account.
1. Firstly, we open the CloudWatch console in the US East (N. Virginia) Region.
2. In the navigation pane, we select Rules > Create rule.
3. Then in the Service Name drop-down menu, we select IAM.
4. After that, in the Event Type drop-down menu, we select AWS API Call via CloudTrail.
5. In order to trigger the rule for specific API calls, we select Specific operation(s).
6. In the text box, we enter the name of an IAM operation.
7. We can also add more operations. To do so, we need to just click the + icon.
8. Then in Event Pattern Preview, we select Edit.
9. We copy and paste the following example template into the event pattern preview pane, and then select Save.
{
  "source": [
    "aws.iam"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "iam.amazonaws.com"
    ],
    "eventName": [
      "CreateUser",
      "DeleteUser"
    ]
  }
}
10. In Targets, we select Add target.
11. In Select Target, we select an SNS topic.
12. Finally, in the Topic drop-down menu, we select the SNS topic.
13. Later we go ahead with the option, Configure details.
14. In Configure rule details, we enter a name and description for the rule, and then we select Create rule.
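To see why a rule does or does not fire, it helps to evaluate the event pattern from step 9 against sample events offline. The following is an added example, not code from the original post or from AWS: it implements the basic exact-match semantics of CloudWatch Events patterns and runs the page's pattern over constructed CloudTrail-style events (the event envelope and the make_event helper are assumptions modelled on the documented shape).

```python
# Event pattern copied from step 9 of the procedure above.
IAM_USER_PATTERN = {
    "source": ["aws.iam"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["iam.amazonaws.com"],
        "eventName": ["CreateUser", "DeleteUser"],
    },
}


def pattern_matches(pattern, event):
    """Basic CloudWatch Events matching: every key in the pattern must be
    present in the event; a list in the pattern is the set of allowed exact
    values; a nested dict is matched recursively against the nested object."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not pattern_matches(expected, actual):
                return False
        elif actual not in expected:  # list of allowed literal values
            return False
    return True


def make_event(event_name, source="aws.iam", event_source="iam.amazonaws.com"):
    """Constructed sample envelope in the shape CloudWatch Events builds from a
    CloudTrail record (assumption: only the fields the pattern inspects matter).
    IAM is global, so its events land in us-east-1, where the rule must live."""
    return {
        "source": source,
        "detail-type": "AWS API Call via CloudTrail",
        "region": "us-east-1",
        "detail": {"eventSource": event_source, "eventName": event_name},
    }


def matching_event_names(events):
    """Return the eventName of every event that would trigger the rule."""
    return [e["detail"]["eventName"] for e in events
            if pattern_matches(IAM_USER_PATTERN, e)]


if __name__ == "__main__":
    sample = [make_event("CreateUser"), make_event("GetUser"),
              make_event("UpdateUser"), make_event("DeleteUser"),
              make_event("CreateUser", "aws.s3", "s3.amazonaws.com")]
    print(matching_event_names(sample))  # only the two IAM user calls match
```

UpdateUser is silently ignored because the pattern lists only CreateUser and DeleteUser; add any further operation names to the eventName list if they should also notify.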
Conclusion
In short, we saw how our Support Techs set up a CloudWatch Events rule to notify IAM changes made to an AWS account.