Monitoring Security Groups with Amazon CloudWatch Events
This is an interesting use of CloudWatch to monitor the change of SGs.
This was a good lab. I was missing the reason why this lab is important in the security realm, however. A little more context would have been nice.
Nice intro to Lambda functions, CloudWatch
Lab policy should include the ability to Revoke Ingress Rules so the security group could be corrected. The time for this lab was also way off; I finished it in under 20 minutes, and that was after trying to add the Revoke Ingress Rules to my profile. Also, it would be helpful to note that failed API calls are seen and evaluated by Lambda; having a segment to show and discuss filtering that only allows for successful API calls to be evaluated would be helpful.
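The filtering suggested in the comment above, sketched as an added example that is not part of the lab or of any reviewer's post: a Lambda handler that skips CloudTrail-delivered events carrying an `errorCode`, so only API calls that actually changed a security group are evaluated. The event-name set, the `classify` and `sample_event` helpers and the sample events are assumptions constructed for illustration.

```python
import json

# EC2 API calls that change security group rules (assumed set, not the lab's own).
SG_CHANGE_EVENTS = {
    "AuthorizeSecurityGroupIngress",
    "RevokeSecurityGroupIngress",
}


def classify(event):
    """Return 'evaluate', 'skip-failed' or 'skip-unrelated' for one event."""
    detail = event.get("detail") or {}
    if detail.get("eventSource") != "ec2.amazonaws.com":
        return "skip-unrelated"
    if detail.get("eventName") not in SG_CHANGE_EVENTS:
        return "skip-unrelated"
    # CloudTrail records errorCode/errorMessage only when the API call was
    # rejected, so a denied or malformed request never changed the group.
    if detail.get("errorCode") or detail.get("errorMessage"):
        return "skip-failed"
    return "evaluate"


def lambda_handler(event, context):
    decision = classify(event)
    detail = event.get("detail") or {}
    group_id = (detail.get("requestParameters") or {}).get("groupId")
    if decision == "evaluate":
        # Hypothetical hook: the rule comparison itself would run here.
        print(json.dumps({"action": "evaluate", "groupId": group_id}))
    else:
        print(json.dumps({"action": decision, "errorCode": detail.get("errorCode")}))
    return {"decision": decision, "groupId": group_id}


def sample_event(event_name, error_code=None):
    """Build a constructed, trimmed 'AWS API Call via CloudTrail' event."""
    detail = {
        "eventSource": "ec2.amazonaws.com",
        "eventName": event_name,
        "requestParameters": {"groupId": "sg-0123456789abcdef0"},  # constructed id
    }
    if error_code:
        detail["errorCode"] = error_code
        detail["errorMessage"] = "constructed error text"
    return {"detail-type": "AWS API Call via CloudTrail", "detail": detail}
```

The same filter can be pushed into the event rule itself so failed calls never invoke the function; the handler-side check is still worth keeping as a second guard.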
Step 56 should be changed to enter "This permission must be" in the CloudWatch search box so that both the ones needing adding and revoking show up.
FYI: There was an error "User: arn:aws:sts::384732153490:federated-user/tim is not authorized to perform: kms:ListAliases" on the Lambda function creation screen.
Good example of how this works. Very good comment at the end of why the function does not fix the group itself.