Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

AWS cloud watch event pattern to detect S3 buckets creation/modification with public access

0

I am trying to create an AWS Cloud watch event which will trigger an email whenever a S3 bucket is created or modified to allow public access.

I have created the cloud trail, log stream and am tracking all the S3 events logs. When i am trying to create a custom event by giving the pattern to detect S3 buckets with public access i am not able to fetch any response or the event doesn't get triggered even if i create bucket with public access. Can you help me out with the custom pattern for the same ?

I have tried giving GetPublicAccessBlock, PutPublicAccessBlock etc., in event type but no luck. Please suggest accordingly.

Themen
SpeicherServerlosAnwendungsintegrationManagement & Unternehmensführung
Tags
Amazon Simple Storage ServiceAmazon EventBridgeAmazon CloudWatchAWS CloudTrail
Sprache
English
rePost-User-3145467
gefragt vor einem Jahr346 Aufrufe
1 Antwort
0

You can use IAM access analyzer to detect a S3 bucket that allow public access. https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html

You can send email for the detection results with Amazon EventBridge and Amazon SNS. https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-eventbridge.html

imiky
beantwortet vor einem Jahr

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt