Is there a way to create a lambda function which track all roles assumed by a user in the last 24 hours ?

I want to create a lambda function that sends me an sns alert of the list of all roles assumed by a user over the last 24 hours whenever a role X in account B is assumed by another role from account A .

主题

无服务器计算安全、身份和合规性应用程序集成

标签

AWS Lambda AWS 身份和访问权限管理 Amazon EventBridge

语言

English

rePost-User-8971685

已提问 1 年前232 查看次数

1 回答

最新
投票最多
评论最多

Hi yes.

You can try leveraging CloudTrail to log API calls for assume role: https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html

You can combine it with EventBridge rule, which then can trigger a an alert towards SNS, actually without need to use Lambda function.

Hope it helps ;)

专家

Antonio_Lagrotteria

已回答 1 年前

专家

Brettski-AWS

已审核 1 年前

Is there a way to create a lambda function which track all roles assumed by a user in the last 24 hours ?

相关内容