Is there a way to create a Lambda function which tracks all roles assumed by a user in the last 24 hours?


I want to create a Lambda function that sends me an SNS alert with the list of all roles assumed by a user over the last 24 hours whenever a role X in account B is assumed by another role from account A.

Hi yes.

You can try leveraging CloudTrail to log API calls for assume role:

You can combine it with an EventBridge rule, which can then trigger an alert towards SNS, actually without the need to use a Lambda function.

Hope it helps ;)
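The CloudTrail and EventBridge approach from the answer above, as an added example that is not part of the original posts: an event pattern for "role X assumed from account A", plus the 24-hour roll-up the question asks for, which goes beyond the single-event alert. The account ID, role ARNs and the `sample` helper are placeholders; in a deployed function the records would come from a CloudTrail lookup and the text would be published to SNS, and both calls are left out so the logic runs offline.

```python
import json
from datetime import datetime, timedelta, timezone

ACCOUNT_A = "111111111111"                            # placeholder account ID
ROLE_X_ARN = "arn:aws:iam::222222222222:role/RoleX"   # placeholder role X in account B

# EventBridge event pattern for the rule in account B (CloudTrail must be logging there).
EVENT_PATTERN = {
    "source": ["aws.sts"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"eventName": ["AssumeRole"],
               "requestParameters": {"roleArn": [ROLE_X_ARN]},
               "userIdentity": {"accountId": [ACCOUNT_A]}},
}

def caller_of(record):
    """Issuing role ARN for a role session, otherwise the caller's own ARN."""
    ident = record.get("userIdentity", {})
    issuer = ident.get("sessionContext", {}).get("sessionIssuer", {}).get("arn")
    return issuer or ident.get("arn")

def is_trigger(event):
    """Same test as EVENT_PATTERN, applied locally to one EventBridge event."""
    d = event.get("detail", {})
    return (event.get("source") == "aws.sts" and d.get("eventName") == "AssumeRole"
            and (d.get("requestParameters") or {}).get("roleArn") == ROLE_X_ARN
            and d.get("userIdentity", {}).get("accountId") == ACCOUNT_A)

def roles_assumed(records, caller, now, window=timedelta(hours=24)):
    """Sorted unique role ARNs that `caller` successfully assumed in the window."""
    roles = set()
    for r in records:
        if r.get("eventName") != "AssumeRole" or r.get("errorCode"):
            continue  # ignore other API calls and denied attempts
        when = datetime.strptime(r["eventTime"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        if caller_of(r) == caller and now - window <= when <= now:
            roles.add(r["requestParameters"]["roleArn"])
    return sorted(roles)

def build_alert(event, records, now):
    """Alert text for SNS, or None when the event is not role X assumed from account A."""
    if not is_trigger(event):
        return None
    caller = caller_of(event["detail"])
    return json.dumps({"caller": caller, "roles_last_24h": roles_assumed(records, caller, now)})

def sample(role, time, error=None, who="arn:aws:iam::111111111111:role/Deploy"):
    """Constructed CloudTrail AssumeRole record (not real log data)."""
    rec = {"eventName": "AssumeRole", "eventTime": time, "requestParameters": {"roleArn": role},
           "userIdentity": {"accountId": ACCOUNT_A, "sessionContext": {"sessionIssuer": {"arn": who}}}}
    return dict(rec, errorCode=error) if error else rec
```

Grouping by the session issuer ARN rather than the session ARN keeps all sessions of the same source role under one caller.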

