
Feature request: Open Source for Recent Permission Errors from CloudTrail

Open kmcquade opened this issue 4 years ago • 1 comments

As discussed previously, the "Recent permission errors" add on is not part of the open source yet. Would be very helpful to have that included.

kmcquade avatar Sep 09 '20 18:09 kmcquade

This is now supported via Event Bus, but documentation is needed.

TLDR: funnel all of your cloudtrail events to a single account using Event Bus rules. On a given account, set up a rule to send AccessDenied messages to an SNS topic. Create an SQS queue and a subscription to the SNS topic, then give ConsoleMe permission to that queue, and configure ConsoleMe to use that queue to determine cloudtrail denies.

castrapel avatar Jul 08 '21 14:07 castrapel
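
The consumer end of the pipeline described in the comment above, as an added example that is not ConsoleMe's code and not part of the original thread: it unwraps one SQS message body (SNS envelope, then EventBridge event, then CloudTrail record) and summarizes the denied call. The rule pattern, the error-code list, the function names and the sample message are assumptions constructed for illustration, and the SNS subscription is assumed to have raw message delivery turned off.

```python
import json

# Assumed EventBridge rule pattern for the "AccessDenied to SNS" rule.
DENY_PATTERN = {
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"errorCode": [{"prefix": "AccessDenied"}, "Client.UnauthorizedOperation"]},
}

def is_deny(code):
    # Mirrors DENY_PATTERN: prefix match plus the EC2-style code.
    return isinstance(code, str) and (
        code.startswith("AccessDenied") or code == "Client.UnauthorizedOperation")

def parse_deny(sqs_body):
    """Unwrap SQS body -> SNS envelope -> EventBridge event -> CloudTrail detail."""
    try:
        envelope = json.loads(sqs_body)
        # Without raw message delivery, SNS puts the event in "Message" as a JSON string.
        event = json.loads(envelope["Message"]) if "Message" in envelope else envelope
        detail = event["detail"]
        if not is_deny(detail.get("errorCode")):
            return None  # the queue may carry events the rule should have filtered
    except (ValueError, KeyError, TypeError, AttributeError):
        return None  # malformed or unexpected message: skip it, do not crash the poller
    identity = detail.get("userIdentity", {})
    issuer = identity.get("sessionContext", {}).get("sessionIssuer", {})
    # Approximation: the eventSource prefix is not always the IAM action prefix.
    service = detail.get("eventSource", "").split(".")[0]
    return {
        "account": event.get("account"),
        # For assumed-role sessions, report the role rather than the session ARN.
        "principal": issuer.get("arn") or identity.get("arn"),
        "action": f"{service}:{detail.get('eventName')}",
        "error": detail["errorCode"],
    }

def sample_sqs_body(error_code="AccessDenied", wrapped=True):
    """Constructed sample message; account ID, role and session names are made up."""
    role = "arn:aws:iam::111122223333:role/example-role"
    event = {"detail-type": "AWS API Call via CloudTrail", "account": "111122223333",
             "detail": {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
                        "errorCode": error_code,
                        "userIdentity": {
                            "type": "AssumedRole",
                            "arn": "arn:aws:sts::111122223333:assumed-role/example-role/sess",
                            "sessionContext": {"sessionIssuer": {"arn": role}}}}}
    return json.dumps({"Type": "Notification", "Message": json.dumps(event)}
                      if wrapped else event)

if __name__ == "__main__":
    print(parse_deny(sample_sqs_body()))
```

Reporting the session issuer rather than the session ARN groups denies by the role whose policy needs changing, which is the unit a permission-error view would act on.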