Is it possible to send these resources that have public access to EventBridge and then SNS? What's the format for this?

I'm only seeing events for API calls or common metrics based on operations. But for public access is it possible to create these events to trigger an SNS?

Are there any examples of these I can find anywhere of how it would look in format and CDK?

Public Access to RDS Cluster
Public Access to DynamoDB
Public Access to API Gateway

1 Answer

Yes, it is possible to send events related to public access to resources like RDS Clusters, DynamoDB tables, and API Gateways to Amazon EventBridge and then to Amazon SNS. These events can be triggered by various actions within these services, such as modifications to resource configurations, access attempts, or changes in usage patterns. While the primary focus of EventBridge is on operational events generated by AWS services, custom events can also be sent to EventBridge and then routed to SNS topics for further processing or notification.

Example to create an Amazon EventBridge rule that monitors API Gateway method changes and sends notifications to an Amazon SNS topic:

```typescript
import * as cdk from 'aws-cdk-lib';
// In CDK v2 the Construct base class comes from the 'constructs' package
import { Construct } from 'constructs';
import * as events from 'aws-cdk-lib/aws-events';
import * as targets from 'aws-cdk-lib/aws-events-targets';
import * as sns from 'aws-cdk-lib/aws-sns';
import * as snsSubscriptions from 'aws-cdk-lib/aws-sns-subscriptions';

class ApiGatewayPublicAccessMonitorStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    // Create an SNS Topic
    const topic = new sns.Topic(this, 'PublicAccessTopic');

    // Add an email subscription to the SNS Topic
    topic.addSubscription(new snsSubscriptions.EmailSubscription('your-email@example.com'));

    // Create an EventBridge Rule
    new events.Rule(this, 'ApiGatewayPublicAccessRule', {
      eventPattern: {
        source: ['aws.apigateway'],
        detailType: ['AWS API Call via CloudTrail'],
        detail: {
          eventSource: ['apigateway.amazonaws.com'],
          eventName: ['PutMethod'] // Consider adjusting this based on your needs
        }
      },
      targets: [new targets.SnsTopic(topic)], // Specify the SNS Topic as the target
    });
  }
}

// Initialize the CDK App and create the stack
const app = new cdk.App();
new ApiGatewayPublicAccessMonitorStack(app, 'ApiGatewayPublicAccessMonitorStack');
```

AWS
EXPERT
Deeksha
answered 2 months ago
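
The same CloudTrail-based pattern applied to the RDS case from the question, as an added example that is not part of the original answer or AWS's own code. It assumes CloudTrail management events reach EventBridge and that `CreateDBInstance`/`ModifyDBInstance` records carry `requestParameters.publiclyAccessible`; the matcher and sample event are constructed for illustration.

```typescript
// Added example; the RDS event names and `publiclyAccessible` field are assumptions
// to confirm against a real CloudTrail record in your account.
type JsonValue = string | number | boolean | null | JsonValue[] | { [key: string]: JsonValue };
type EventPattern = { [key: string]: JsonValue[] | EventPattern };

// Raw EventBridge pattern; in CDK the `detail-type` key is written `detailType`.
const rdsPublicAccessPattern: EventPattern = {
  source: ['aws.rds'],
  'detail-type': ['AWS API Call via CloudTrail'],
  detail: {
    eventSource: ['rds.amazonaws.com'],
    eventName: ['CreateDBInstance', 'ModifyDBInstance'],
    requestParameters: { publiclyAccessible: [true] },
  },
};

// Constructed sample event, trimmed to the fields the pattern inspects.
function sampleEvent(eventName: string, publiclyAccessible: boolean): JsonValue {
  return {
    source: 'aws.rds',
    'detail-type': 'AWS API Call via CloudTrail',
    detail: {
      eventSource: 'rds.amazonaws.com',
      eventName: eventName,
      requestParameters: { dBInstanceIdentifier: 'example-db', publiclyAccessible: publiclyAccessible },
    },
  };
}

// Minimal matcher: exact-value matching on nested fields only, a subset of
// EventBridge's pattern semantics, enough to sanity-check the pattern offline.
function matchesPattern(pattern: EventPattern, event: JsonValue): boolean {
  if (event === null || typeof event !== 'object' || Array.isArray(event)) return false;
  const fields: { [key: string]: JsonValue } = event;
  return Object.keys(pattern).every((key) => {
    const rule = pattern[key];
    const value = fields[key];
    if (value === undefined) return false;
    if (Array.isArray(rule)) {
      // Leaf rule: the event value (or any element of it) must equal a listed value.
      const candidates: JsonValue[] = Array.isArray(value) ? value : [value];
      return candidates.some((v) => rule.indexOf(v) !== -1);
    }
    return matchesPattern(rule, value);
  });
}
```

The `rdsPublicAccessPattern` object can be passed as the rule's event pattern once the field names are confirmed; API calls that leave `publiclyAccessible` unset or false do not match.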
