The following is a list of all AWS events currently processed by CloudSploit. Remember - you can choose not to send these events by modifying the CloudFormation template at setup time, but you may miss out on security alerts for those resources.
- AWS Console Signin Events
- AWS Certificate Manager (all events)
- CloudTrail (all events)
- ConfigService
- DeleteConfigRule
- DeleteDeliveryChannel
- DeleteEvaluationResults
- StopConfigurationRecorder
- EC2
- AcceptVpcPeeringConnection
- AuthorizeSecurityGroupEgress
- AuthorizeSecurityGroupIngress
- CreateNetworkAclEntry
- CreateVpcPeeringConnection
- DeleteFlowLogs
- ImportKeyPair
- RevokeSecurityGroupEgress
- RevokeSecurityGroupIngress
- CreateVpnConnection
- CreateVpnConnectionRoute
- CreateVpnGateway
- DeleteNetworkAclEntry
- ReplaceNetworkAclEntry
- IAM (all events)
- KMS
- DisableKeyRotation
- PutKeyPolicy
- Logs
- DeleteLogGroup
- DeleteLogStream
- PutRetentionPolicy
- DeleteRetentionPolicy
- RDS
- AuthorizeDBSecurityGroupIngress
- RevokeDBSecurityGroupIngress
- RestoreDBInstanceToPointInTime
- RestoreDBInstanceFromDBSnapshot
- RestoreDBClusterFromSnapshot
- RestoreDBClusterToPointInTime
- DeleteDBCluster
- DeleteDBInstance
- DeleteDBSecurityGroup
- Route53
- CreateHostedZone
- DeleteHostedZone
- SES
- VerifyDomainDkim
- VerifyDomainIdentity
- VerifyEmailAddress
- VerifyEmailIdentity