A company wants to be alerted through email when IAM CreateUser API calls are made within its AWS account.
Which combination of actions should a SysOps administrator take to meet this requirement? (Choose two.)
A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule with AWS CloudTrail as the event source and IAM CreateUser as the specific API call for the event pattern.
B. Create an Amazon EventBridge (Amazon CloudWatch Events) rule with Amazon CloudSearch as the event source and IAM CreateUser as the specific API call for the event pattern.
C. Create an Amazon EventBridge (Amazon CloudWatch Events) rule with AWS IAM Access Analyzer as the event source and IAM CreateUser as the specific API call for the event pattern.
D. Use an Amazon Simple Notification Service (Amazon SNS) topic as an event target with an email subscription.
E. Use an Amazon Simple Email Service (Amazon SES) notification as an event target with an email subscription.
To receive email notifications when IAM CreateUser API calls are made, you need to create an EventBridge rule that captures these events from CloudTrail and then routes them to an SNS topic that has an email subscription.
Enable CloudTrail:
Ensure AWS CloudTrail is enabled in your account to log API activity. Open the AWS CloudTrail console and enable it if it is not already enabled.
Create SNS Topic:
Open the Amazon SNS console.
Create a new topic and name it (e.g., IAMCreateUserNotifications).
Create an email subscription for the topic by entering your email address and confirming the subscription via the email received.
Create EventBridge Rule:
Open the Amazon EventBridge console.
Create a new rule and provide a name and description.
For the Event source, select AWS events or EventBridge Schema.
In Event pattern, select AWS services and choose CloudTrail as the service.
Specify the event type as AWS API Call via CloudTrail.
In the Event source dropdown, select IAM and in the API operation, enter CreateUser.
Add Target:
Add a target and select SNS topic.
Choose the SNS topic you created earlier (IAMCreateUserNotifications).
Configure Permissions:
Ensure that the EventBridge rule has permission to publish to the SNS topic.
This configuration will trigger an email notification whenever an IAM CreateUser API call is made, keeping you informed of new user creations.
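The rule and permission steps above, written out as the JSON documents they produce. This is an added example, not part of the original explanation: the account ID, topic ARN and sample events are constructed, and matches() is a simplified stand-in for EventBridge's exact-match behaviour so the pattern can be checked offline.

```python
import json

# Event pattern for the rule: IAM CreateUser calls delivered by CloudTrail.
EVENT_PATTERN = {
    "source": ["aws.iam"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["iam.amazonaws.com"],
        "eventName": ["CreateUser"],
    },
}

# Constructed ARN. IAM is a global service whose CloudTrail events are
# recorded in us-east-1, so the rule and topic are placed there.
TOPIC_ARN = "arn:aws:sns:us-east-1:111122223333:IAMCreateUserNotifications"

def topic_policy(topic_arn):
    """SNS access policy statement that lets EventBridge publish to the topic."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowEventBridgePublish",
            "Effect": "Allow",
            "Principal": {"Service": "events.amazonaws.com"},
            "Action": "sns:Publish",
            "Resource": topic_arn,
        }],
    }

def matches(pattern, event):
    """Simplified matcher: every pattern key must be present in the event,
    nested dicts recurse, and a leaf list matches if it contains the value."""
    for key, want in pattern.items():
        if key not in event:
            return False
        got = event[key]
        if isinstance(want, dict):
            if not isinstance(got, dict) or not matches(want, got):
                return False
        elif got not in want:
            return False
    return True

def sample_event(name, source="aws.iam", event_source="iam.amazonaws.com"):
    """Constructed, trimmed CloudTrail-via-EventBridge event."""
    return {"source": source, "detail-type": "AWS API Call via CloudTrail",
            "detail": {"eventSource": event_source, "eventName": name}}

if __name__ == "__main__":
    print(json.dumps(EVENT_PATTERN, indent=2))
    print(json.dumps(topic_policy(TOPIC_ARN), indent=2))
```

Without the sns:Publish statement on the topic, the rule still matches but no email is delivered, so check the topic's access policy first when alerts go missing.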