Check Amazon S3 object tag compliance using AWS CloudTrail

AWS CloudTrail → AWS Lambda → Amazon DynamoDB

Creates a CloudTrail trail to track S3 object creation events, and checks for the required tags on those objects to determine compliance

This pattern demonstrates how to use CloudTrail events to check the tags of newly created S3 objects. Each object is recorded in a DynamoDB table and then passed to a Lambda function, which checks whether the required tags are present. The result is written back to the DynamoDB table in the is_compliant attribute (true/false). Further actions can be taken based on the results of the compliance check at the user's discretion.
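
The compliance check described above, sketched in Python as an added example (not the pattern's own code): it filters CloudTrail records down to successful S3 object creations and builds the table item carrying is_compliant. The required tag set, the list of creation events, the item attributes other than is_compliant, and the fetch_tags helper (which in a deployment would wrap S3 GetObjectTagging) are assumptions.

```python
# Added example, not the pattern's code. Policy and helper names are assumptions.
REQUIRED_TAGS = {"owner", "data-classification"}  # assumed tag policy
CREATE_EVENTS = {"PutObject", "CopyObject", "CompleteMultipartUpload"}  # assumed scope


def evaluate_record(record, fetch_tags, required=REQUIRED_TAGS):
    """Return a DynamoDB-style item for one CloudTrail record, or None when
    the record is not a successful S3 object creation."""
    if record.get("eventSource") != "s3.amazonaws.com":
        return None
    if record.get("eventName") not in CREATE_EVENTS or record.get("errorCode"):
        return None  # other API calls, or a denied/failed request
    params = record.get("requestParameters") or {}
    bucket, key = params.get("bucketName"), params.get("key")
    if not bucket or not key:
        return None
    # fetch_tags returns a TagSet: [{"Key": ..., "Value": ...}, ...]
    tags = {t["Key"]: t["Value"] for t in fetch_tags(bucket, key)}
    # S3 tag keys are case-sensitive; an empty value counts as missing here.
    missing = sorted(k for k in required if not tags.get(k, "").strip())
    return {
        "object_arn": f"arn:aws:s3:::{bucket}/{key}",
        "event_time": record.get("eventTime"),
        "is_compliant": not missing,
        "missing_tags": missing,
    }


# Constructed sample data: stand-in for S3 GetObjectTagging and three trail records.
SAMPLE_TAGS = {
    ("example-bucket", "reports/q1.csv"): [
        {"Key": "owner", "Value": "finance"},
        {"Key": "data-classification", "Value": "internal"}],
    ("example-bucket", "tmp/upload.bin"): [{"Key": "Owner", "Value": "ops"}],
}

def sample_fetch_tags(bucket, key):
    return SAMPLE_TAGS.get((bucket, key), [])

def make_record(name, key, error=None):
    rec = {"eventSource": "s3.amazonaws.com", "eventName": name,
           "eventTime": "2024-01-01T00:00:00Z",
           "requestParameters": {"bucketName": "example-bucket", "key": key}}
    if error:
        rec["errorCode"] = error
    return rec

SAMPLE_RECORDS = [make_record("PutObject", "reports/q1.csv"),
                  make_record("PutObject", "tmp/upload.bin"),
                  make_record("PutObject", "denied.txt", error="AccessDenied")]
```

The second sample object is tagged "Owner" rather than "owner", so it is reported as non-compliant with both required tags missing; the denied request produces no item at all.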


Clone repo

git clone https://github.com/aws-samples/serverless-patterns/
cd serverless-patterns/cloudtrail-lambda-dynamodb-cdk/

Deploy

cdk deploy


Testing

See the GitHub repo for detailed testing instructions.

Cleanup

Delete the stack: cdk destroy

Created by:

Mia Alarcon Chong

AWS Cloud Application Developer