Best practice rules for Amazon CloudWatch Events
AWS CloudWatch Events delivers a real-time stream of system events that describe changes in AWS resources, and takes corrective action as necessary. CloudWatch Events provides insight into a number of AWS resources, such as EC2, Lambda, Kinesis, Step Functions and CodePipeline. With CloudWatch Events, automated actions trigger themselves in response to the environment: they send messages, activate functions, make changes, and capture state information. AWS CloudWatch Events will help you address security, reliability, performance efficiency and cost optimisation within your AWS account in the most efficient way.
Trend Micro Cloud One™ – Conformity monitors Amazon CloudWatch Events with the following rules:
- AWS CloudWatch Events In Use
Ensure CloudWatch Events is in use to help you respond to operational changes within your AWS resources.
- Event Bus Exposed
Ensure that your AWS CloudWatch event bus is not exposed to everyone.
- EventBus Cross Account Access
Ensure that AWS CloudWatch event buses do not allow unknown cross-account access for delivery of events.