Bobcares

wesupport

CLIENT AREACall Us 1-800-383-5193
Bobcares

wesupport

Call Us 1-800-383-5193
Bobcares

wesupport

Call Us 1-800-383-5193

Need help?

Our experts have had an average response time of 11.7 minutes in August 2021 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

Cloudwatch: Notify IAM changes made to my AWS account

by | Jul 25, 2021

Cloudwatch: Notify IAM changes made to my AWS account – Let us Discuss

Recently, one of our customers created an Amazon CloudWatch Events rule to notify the changes.

However, the event rule isn’t triggering upon the changes made.

Here, at Bobcares, we assist our customers with several AWS queries as part of our AWS Support Services.

Today, let us see how we can notify the IAM change made to our AWS account.

 

Cloudwatch: Notify IAM changes made to my AWS account

Initially, we need to create a custom event pattern with a CloudWatch Events rule. This will trigger notifications when changes are made to a specific IAM API call.

Then, we route the response to an Amazon Simple Notification Service topic to receive a notification.

To do so, our Support Techs recommend the below steps:

Before we begin, we need to ensure the CloudWatch Events rule is in the US East (N. Virginia) Region.

In addition, we must enable an AWS CloudTrail trail in the same Region as the CloudWatch Events rule.

This is to send notifications to an SNS topic or Amazon Simple Queue Service queue.

Then we make sure to configure trail’s management events as Write-only or All.

For example, here our Support Techs show an event pattern that triggers a notification when CreateUser and DeleteUser API calls are made in your account.

1. Firstly, we open the CloudWatch console in the US East (N. Virginia) Region.

2. In the navigation pane, we select Rules > Create rule.

3. Then in the Service Name drop-down menu, we select IAM.

4. After that, in the Event Type drop-down menu, we select AWS API Call via CloudTrail.

5. In order to trigger the rule for specific API calls, we select Specific operation(s).

6. In the text box, we enter the name of an IAM operation.

7. We can also add more operations. To do so, we need to just click the + icon.

8. Then in Event Pattern Preview, we select Edit.

9. We copy and paste the following example template into the event pattern preview pane, and then select Save.

{
"source": [
"aws.iam"
],
"detail-type": [
"AWS API Call via CloudTrail"
],
"detail": {
"eventSource": [
"iam.amazonaws.com"
],
"eventName": [
"CreateUser",
"DeleteUser"
]
}
}

10. In Targets, we select Add target.

11. In Select Target, we select an SNS topic.

12. Finally, in the Topic drop-down menu, we select the SNS topic.

13. Later we go ahead with the option, Configure details.

14. In Configure rule details, we enter a name and description for the rule, and then we select Create rule.

[Need help with the notification settings? We’d be happy to assist]

 

Conclusion

In short, we saw how our Support Techs go about notifying IAM changes to AWS account.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *