Skip to content
master
Switch branches/tags
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 

AWS Config Compliance Notifications

Lambda function to send notification emails when the compliance status of an AWS Config Rule changes

Prerequisites:

Setup:

  • Check out this project
  • Modify the FROM and EMAILS Lambda environment variables in function.json. FROM should be the from address you want your notification emails to come from. EMAILS should be a semicolon separated list of email addresses to send notifications to.
  • Modify the role setting in function.json to point to your AWS IAM Lambda execution role with the appropriate settings. The value should be the IAM role's ARN.
  • Deploy the Lambda function to your AWS account using the apex command line tool.
  • In the AWS SNS console, add the new Lambda function as a subscription to the SNS topic that AWS Config sends notifications to.

Example IAM Lambda Execution Role:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents"
      ],
      "Resource": "arn:aws:logs:*:*:*"
    },
    {
       "Effect": "Allow",
       "Action": [
         "ses:SendEmail", 
         "ses:SendRawEmail"
       ],
       "Resource":"*"
     }
  ]
}    

About

An AWS Lambda function to send notification emails when the compliance status of an AWS Config Rule changes

Topics

Resources

License

Releases

No releases published

Packages

No packages published