[{"data":1,"prerenderedAt":65},["ShallowReactive",2],{"pattern-cloudtrail-lambda-dynamodb-cdk":3},{"id":4,"title":5,"architectureURL":6,"cleanup":7,"contributors":10,"deploy":12,"description":15,"extension":16,"framework":17,"gitHub":18,"highlight":6,"introBox":24,"language":30,"level":31,"meta":32,"patternArch":33,"resources":52,"s3URL":6,"services":6,"stem":60,"testing":61,"videoId":6,"__hash__":64},"patterns\u002Fpatterns\u002Fcloudtrail-lambda-dynamodb-cdk.json","Check Amazon S3 object tag compliance using AWS CloudTrail",null,{"text":8},[9],"Delete the stack: \u003Ccode>cdk destroy\u003C\u002Fcode>",[11],"content\u002Fcontributors\u002Fmia-alarcon-chong.json",{"text":13},[14],"cdk deploy","Creates a CloudTrail trail to track S3 object creation events, and checks for the required tags on those objects to determine compliance","json","AWS CDK",{"template":19},{"repoURL":20,"templateURL":21,"projectFolder":22,"templateFile":23},"https:\u002F\u002Fgithub.com\u002Faws-samples\u002Fserverless-patterns\u002Ftree\u002Fmain\u002Fcloudtrail-lambda-dynamodb-cdk","serverless-patterns\u002Fcloudtrail-lambda-dynamodb-cdk\u002F","cloudtrail-lambda-dynamodb-cdk","src\u002Flib\u002Ftag-compliance-stack.ts",{"headline":25,"text":26},"How it works",[27,28,29],"This pattern demonstrates how to use CloudTrail events to check the tags of S3 objects that have been created. The S3 objects are stored in a DynamoDB table","which then gets sent to Lambda to check if the required tags are present. Compliance is updated on the DynamoDB table in the attribute is_compliant (true\u002Ffalse).","Further actions can be taken based on the results of the compliance check at the user's discretion.","TypeScript","200",{},{"icon1":34,"icon2":39,"icon3":42,"line1":46,"line2":50},{"x":35,"y":36,"service":37,"label":38},20,50,"cloudtrail","AWS CloudTrail",{"x":36,"y":36,"service":40,"label":41},"lambda","AWS Lambda",{"x":43,"y":36,"service":44,"label":45},80,"dynamodb","Amazon DynamoDB",{"from":47,"to":48,"label":49},"icon1","icon2","",{"from":48,"to":51,"label":49},"icon3",{"bullets":53},[54,57],{"text":55,"link":56},"S3 Object Tagging","https:\u002F\u002Fdocs.aws.amazon.com\u002FAmazonS3\u002Flatest\u002Fuserguide\u002Fobject-tagging.html",{"text":58,"link":59},"Attribute-based Access Control (ABAC)","https:\u002F\u002Fdocs.aws.amazon.com\u002FIAM\u002Flatest\u002FUserGuide\u002Fintroduction_attribute-based-access-control.html","patterns\u002Fcloudtrail-lambda-dynamodb-cdk",{"text":62},[63],"See the GitHub repo for detailed testing instructions.","9MvQnI0pjOyJbHqq0AMnKLTh53ndS-WwgrumVUAWpPc",1778846883861]