Create a Metric Alarm and Filter for IAM policy changes

Logging and monitoring

Create a Metric Alarm and Filter for IAM policy changes

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AWS CIS
Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
CPRA
CSA CCM
Data Security Posture Management (DSPM) Best Practices
GDPR
hdh
HITRUST
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs and establishing corresponding metric filters and alarms. Monitoring changes to IAM policies will help ensure authentication and authorization controls remain intact.

Recommended Mitigation

It is recommended that a metric filter and alarm be established changes made to Identity and Access Management (IAM) policies.

Create a Metric Alarm and Filter for IAM policy changes

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS