aws-security-reference-architecture-examples icon indicating copy to clipboard operation
aws-security-reference-architecture-examples copied to clipboard

Published 20 hours ago verified publisher icon aws-samples

[FEATURE] Possibility to set pExcludeS3BlockAccountPublicAccessTags Parameter without using SRA in us-east-1

Open janahockenberger opened this issue 1 year ago • 0 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Is your feature request related to a problem? Please describe

When tagging an account in Organizations, the CloudTrail event gets created in us-east-1 as Organizations is a global service. When using SRA in a region which is not us-east-1, the setting of the parameter pExcludeS3BlockAccountPublicAccessTags has no effect as the CloudTrail event just exists in us-east-1

Describe the solution you'd like

Adjustment in the EventBridge trigger or somewhere else to execute the Lambda function which is f.e. located in eu-central-1 eventhough the event is created in us-east-1

janahockenberger avatar Jul 15 '24 09:07 janahockenberger