Very simple repo with very simple configuration to create a simple alert for an AWS root user account login attempt.
Running the configuration here could result in charges, albeit modest. But please be aware that this is a possibility before you terraform apply!
This has been written using Terraform v0.14.10 (see provider.tf) but should work fine with any version from v0.12 onwards.
The resources created are:
- SNS Topic
- Zero or more email subscriptions
- EventBridge Rule
Massage terraform.tfvars.example and rename as terraform.tfvars (or to taste as you prefer).
Obviously the specified us-east-1 region could be different, but these events only fire in North Virginia.
It shouldn't need it, but the event pattern can be modified to taste.
The email addresses subscribed in the terraform.tfvars file need to be confirmed. If they aren't confirmed and you run terraform destroy then they will be left dangling...
The email notification has been configured to transform the data but it is most definitely functional rather than pretty.