How can I trigger a Lambda function on DeactivateMFADevice without requiring an S3 bucket for CloudTrail logs?

0

I want to trigger a Lambda function whenever a user deactivates their MFA. To achieve this, I've set up an AWS CloudFormation template that creates a CloudTrail trail and an EventBridge rule.

However, the CloudTrail trail requires an S3 bucket to store logs, even though I only need the event to trigger the Lambda function and don't actually need to store the log data. When I try to delete the CloudFormation stack, I'm encountering an error because the S3 bucket cannot be deleted while it still contains objects.

Is there a way to monitor the DeactivateMFADevice event without creating an S3 bucket, or is there an alternative approach to handle the bucket deletion issue?

Thanks in advance.

2 Answers
0
AWS
Nuno_Q
answered 2 months ago
0

Hi,

As soon as I can trigger a Lambda, you can use it to post to AWS SNS and alert you without needing storing logs toS3.

See https://repost.aws/knowledge-center/sns-topic-lambda to see how to do it.

Best,

Didier

profile pictureAWS
EXPERT
answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions