Destinations for S3 bucket events?
What else about S3 is automated?
- Lifecycle expiration
- Lifecycle transition
- Intelligent tiering, archiving
- Object tagging
Which services are event-driven?
Which ones also contribute to event-driven?
- CloudTrail: Findings can be actionable, trigger Lambdas
- Config: Compliance issues, remediation actions
- S3: Use as repo, trigger pipeline actions on PUT
What’s a general security automation workflow?
- Systems Manager
Security / Compliance Monitoring:
- Lambda -> Trusted Advisor: Automate security checks
- Config -> Lambda: Download data from AWS Config
How to notify when access key in public repo?
- EventBridge event:
- Step Functions: Delete keys