CloudWatch alarm for API calls without MFA

Our AWS partner setup metrics and alarms for us a couple years ago, and one of them was an alarm to watch for API activity where the "user" was not signed in with MFA. It appears they used something like in this link, but it's not in the public documentation anymore. https://github.com/awsdocs/aws-cloudtrail-user-guide/blob/master/doc_source/cloudwatch-alarms-for-cloudtrail-additional-examples.md#cloudwatch-alarms-for-cloudtrail-no-mfa-example

Over time we had to add additional parameters to the filter for things like AWSServiceRoleForAutoScaling. Eventually we reached the 1024 character limit of the filter expression. Is there a way to work around that limit, or since the example has been removed from AWS documentation, is it no longer necessary to have an alarm that is triggered when API calls are made without MFA?

Themen

Management & Unternehmensführung

Relevanter Inhalt

Wie kann ich mit AWS CLI einen CloudWatch-Alarm auf Basis der Anomalieerkennung erstellen?
AWS OFFICIALAktualisiert vor 8 Monaten
Warum hat mein CloudWatch-Alarm den Status INSUFFICIENT\_DATA?
AWS OFFICIALAktualisiert vor 2 Jahren
Wie überwache ich meine Amazon-OpenSearch-Service-Cluster mithilfe von CloudWatch-Alarmen?
AWS OFFICIALAktualisiert vor 3 Jahren
Wie überwache ich AWS-VPN-Tunnel mithilfe von Amazon-CloudWatch-Alarmen?
AWS OFFICIALAktualisiert vor einem Jahr