-
I have a CloudWatch event rule for the sts:AssumeRole*, but AssumeRoleWithSAML is never triggered.
```
"detail-type": [
  "AWS API Call via CloudTrail"
],
"detail": {
  "eventSource"…
```
-
### Describe the bug
The CloudTrail event arrives
```json
{
  "version": "0",
  "id": "054eb9b4-d3f9-20be-eb55-1535d7519f07",
  "detail-type": "AWS API Call via CloudTrail",
  "sou…
```
-
**Describe the bug**
I have two policies which are triggered when an S3 bucket is created:
1. auto-owner tag:
```
actions:
  - type: auto-tag-user
    tag: Owner
```
and
2. If there i…
-
As discussed previously, the "Recent permission errors" add on is not part of the open source yet. Would be very helpful to have that included.
-
Hi,
We follow this document to set up sharing CloudTrail log files between AWS accounts.
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-sharing-logs.html
We put B AWS account’…
-
**Describe the bug**
I have created a custodian rule that triggers on the launch of an EC2 instance or attachment of an EBS volume to an existing EC2 instance (confirmed from Lambda logs as triggerin…
-
Within a child account (secops 906266124095) I was able to modify the LZ CW destination log group that sends its logs to the Seclog account.
This means that someone with malicious intent could turn…
stmag updated
2 years ago
-
With AWS recently introducing **private API Gateway Endpoints**, I'm planning to make all future created API gateways private and terminate/modify all non-private (public & regional) gateways.
…
-
**Describe the bug**
When launching the new LZA 1.9.1, the `AWSAccelerator-PipelineStack` stack fails to build and rolls back. Upon further investigation, the logical ID `PipelineAcceleratorPipel…
-
When enabling output storage in S3, the SSM agent is doing unauthenticated access to the bucket; moreover, the client also does not identify itself as being SSM or SDK but uses "[Go-http-client/1.1]".
…