Changes to Policy
A policy has been updated or deleted for an Application Auto Scaling scalable target.
A policy has been updated or deleted for an Application Auto Scaling scalable target.
An instance within an autoscaling group is terminated.
Any change like Create, Update, Delete or Cancellation of CloudFormation stack will result into this event.
We use this event as pilot event to check if the connection between your account and our account is established or not. Kindly do not disable this event.
Amazon Certificate Manager Certificate is deleted along with its associated private key.
ACM certificate is requested for use with other AWS services.
An email is resent for domain ownership validation.
CloudTrail has stopped log recording.
A CIDR block is associated or disassociated with VPC or subnet
A new keypair has been created or deleted from the EC2
A NAT gateway has been created or deleted.
Creation or deletion of a network ACL
Creation or deletion of a network ACL entry
Any change to Network interface like create, delete, attach or detach events.
Creation or deletion of route or route table
VPN gateway is created, deleted, attached or detached.
Classic Link VPC changes either by attaching it or detaching it.
A customer gateway is deleted
A set of DHCP Options have been deleted. This will have been preceded by a disassociation of those DHCP options.
EBS Volume is attached or detached.
EC2 instance is started or stopped
An instance has been terminated
An Elastic IP address is associated, disassociated with existing subnet.
An internet gateway has been attached, detached, deleted.
New VPC is created
A subnet is either associated or disassociated with route table
An Instance has been launched.
An egress rule has been added or removed from a security group for use with a VPC.
An ingress rule has been added to a security group, permitting instances to receive traffic from certain CIDR address ranges or from other instances associated with certain destination security groups. It also covers if an ingress rule has been removed from a security group.
Security Groups is created or deleted
Enable or Disable VPC Classic Link
VPC endpoint is created or deleted
An IAM instance profile is associated or disassociated with VPC
A VPC peering is either requested or deleted
Either a VPN connection or connection route is created or deleted.
New File system is created or deleted.
A set of security groups for a mount target have been modified.
Mount for the file system is created or deleted.
Network ingress to cache security group is permitted or revoked.
An elastic cache security group is created or removed from the cluster.
A security group has been associated with a load balancer inside a VPC.
A new listener for Elastic load balancer is created, or existing listener is deleted or updated.
A new load balancer is created or an existing one is deleted.
A rule has been created for a listener that is associated with an Application Load Balancer, or an existing rule is updated or deleted.
A target group associated with ELB has been created, modified or deleted.
A target has been deregistered or registered.
This applies to Classic Load Balancer. A policy has been created for Classic load balancer.
A listener has been deleted
Attributes from either an Application Load Balancer or Network Load Balancer have been modified.
Attributes of a target group have been modified.
A security group has been associated with a load balancer.
Tags have been removed from an ELB resource.
Root console login
Console Login without MFA
A new AWS secret key and access key ID is created, deleted or modified (status is changed)
For your AWS account, an Alias is created
An IAM role has been added to an instance profile.
A user has been added to a group
A client ID has been registered or removed for an IAM OpenID Connect provider resource.
Either IAM entity has been created or deleted. Or the list of server certificate thumbprints associated with an OpenID Connect provider has been replaced.
A new role for an AWS account has been created.
A role has been deleted. The role will not have had any policies attached if it was able to be deleted.
A version of a policy has been deleted.
An inline policy for an IAM user has been deleted.
A managed policy has been removed from a user.
An existing managed policy has been deleted for an AWS account.
Either a group is created, modified or deleted.
A new password has been created for a user to access AWS services through the management console.
A password for an IAM user has been changed.
A password for an IAM user has been deleted thus removing that user's ability to access services through the console.
An inline policy for an IAM role has been deleted.
Either an instance profile is created or an existing profile is deleted.
A managed policy has been added to an IAM role.
A managed policy has been removed from a role.
A policy for an IAM user has been added or updated.
A new managed policy has been created for an AWS account.
A new version of a manged policy has been created.
A password policy for an account has been deleted.
A managed policy has changed to IAM group, role or user
A policy for an IAM role has been added or updated.
An IAM role has been removed from an EC2 instance profile.
A user has been removed from an IAM group.
An IAM resource has been created, updated or deleted
A SSH key is deleted, updated or uploaded
A Server certificate is deleted, updated or uploaded
A version of a policy has been set as a default. This can apply to users, groups and roles. To find specifics, use the ListEntitiesForPolicy API.
A signing certificate is deleted, updated or uploaded
The password policy settings for an AWS account have been updated.
The policy for an IAM entity that dictates its permission to assume a role has been updated.
A new user is created, or existing user is deleted or modified.
A virtual MFA is created, deactivated, deleted, enabled or re-synced.
A new Aurora DB cluster is created, an existing is deleted or modified.
A snapshot of a cluster is created or deleted.
A new DB instance is created or existing DB instance is deleted or updated.
A new db parameter group is created or existing db group is reset, modified or updated
A new DB security group has been created or deleted.
Ingress for a DB Security Group has been enabled.
If a new db subnet group is created or an existing is modified or deleted.
A DB snapshot is created or deleted.
A new DB cluster parameter is created or an existing one is updated or deleted.
If a new option group is created or an existing is modified or deleted.
DB instances is rebooted
Primary Db instance failed
A manual DB snapshot's attribute has been modified.
A read replica instance became standalone instance
An instance has been created to act as a Read Replica for another instance. The source instance may have been running MySQL, MariaDB, Oracle or PostgreSQL.
A DB cluster parameter group had its parameters reset to its default values.
Restore DB Cluster From Snapshot
Restore DB Cluster To Point In Time
Restore DB Instance From DB Snapshot
Restore DB Instance To Point In Time
Revoke DB Security Group Ingress
A record set that contains DNS information for a domain or subdomain has been created, changed or deleted.
Create Resolver Endpoint
A health check for Route53 has been deleted.
Delete Hosted Zone
Update Domain Contact
An existing S3 bucket has been deleted
Configuration parameters like lifecycle, CORS, tagging etc on existing bucket is changed
New S3 bucket is created
Permissions (ACL) on an existing bucket is changed
A new rule is created or deleted.
Changes to various configuration of WAF
A grant is added to customer master key (CMK)
An alias is created for a function
Lambda function is created
Lambda function is deleted
EventSource mapping is either created, deleted or updated.
Permission changes to Lambda function
Function code is updated
Function configuration is updated