CloudWatch alarm for API calls without MFA

Our AWS partner setup metrics and alarms for us a couple years ago, and one of them was an alarm to watch for API activity where the "user" was not signed in with MFA. It appears they used something like in this link, but it's not in the public documentation anymore. https://github.com/awsdocs/aws-cloudtrail-user-guide/blob/master/doc_source/cloudwatch-alarms-for-cloudtrail-additional-examples.md#cloudwatch-alarms-for-cloudtrail-no-mfa-example

Over time we had to add additional parameters to the filter for things like AWSServiceRoleForAutoScaling. Eventually we reached the 1024 character limit of the filter expression. Is there a way to work around that limit, or since the example has been removed from AWS documentation, is it no longer necessary to have an alarm that is triggered when API calls are made without MFA?

Sujets

Gestion et gouvernance

Balises

Amazon CloudWatch

Langue

English

rePost-User-9302612

demandé il y a 2 ans94 vues

Aucune réponse

Le plus récent
Le plus de votes
La plupart des commentaires

Contenus pertinents

[ACTION REQUIRED] Update your TLS connections to 1.2 : quelles applications sont concernées ?
rePost-User-7550145
demandé il y a un an
account is currently blocked and not recognized as a valid account
Yves Boah
demandé il y a un an
DynamoDB metrics sur la quantité d'item
rePost-User-0177378
demandé il y a un an
error 403 / cloud front
nico-HPF
demandé il y a un mois
Comment calculer le débit et définir une alarme CloudWatch pour AWS Direct Connect ?
AWS OFFICIELA mis à jour il y a un an
Comment calculer le débit et configurer une alarme CloudWatch pour Transit Gateway ?
AWS OFFICIELA mis à jour il y a un an
Comment configurer une alarme CloudWatch pour récupérer automatiquement mon instance EC2 ?
AWS OFFICIELA mis à jour il y a un an
Comment surveiller les tunnels VPN AWS à l'aide des alarmes Amazon CloudWatch ?
AWS OFFICIELA mis à jour il y a un an