Trusted Advisor to Amazon EventBridge to AWS Lambda

AWS Trusted Advisor → EventBridge → AWS Lambda

Create an EventBridge rule that invokes a Lambda function from Trusted Advisor

This pattern uses AWS Trusted Advisor, Amazon EventBridge and AWS Lambda together: when Trusted Advisor's S3 bucket permissions check flags a bucket as publicly accessible, it publishes a check item refresh event to EventBridge, an EventBridge rule matches that event, and the rule invokes a Lambda function that removes public access from the bucket.
Incorrectly configured S3 buckets are a common source of data leaks. This serverless pattern automates the lock-down of flagged buckets so that an accidental public ACL or bucket policy is remediated without waiting for a human to act.
If a bucket is meant to be public, use "Exclude & Refresh" on that specific resource in the AWS Trusted Advisor console and it will be left alone.
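To make the flow concrete, here is an added example (written for this page, not the code shipped in the ta-eventbridge-lambda-s3 pattern) of the two pieces the rule and function need: the EventBridge event pattern that matches Trusted Advisor's "Amazon S3 Bucket Permissions" findings, and a Lambda handler that reads the bucket name from the finding and applies a full S3 Public Access Block to it. The function names, the allow-list, the stand-in S3 client and the sample event are all constructed for illustration; the `check-item-detail` field names follow the Trusted Advisor event format but should be verified against a real event in your account. Note that Trusted Advisor publishes its EventBridge events in US East (N. Virginia), so the rule and the function must be deployed in us-east-1 even though the buckets they remediate can be in any Region.

```python
"""Trusted Advisor -> EventBridge -> Lambda: lock down a bucket flagged as public.

Added illustration, not the pattern's own code. The sample event and the
RecordingS3Client below are constructed so the module runs offline.
"""
import json
from typing import Any, Dict, List, Optional

# EventBridge event pattern for the rule. Trusted Advisor emits these events
# in us-east-1, so the rule and the Lambda must be deployed there.
EVENT_PATTERN: Dict[str, Any] = {
    "source": ["aws.trustedadvisor"],
    "detail-type": ["Trusted Advisor Check Item Refresh Notification"],
    "detail": {
        "check-name": ["Amazon S3 Bucket Permissions"],
        "status": ["WARN", "ERROR"],  # yellow and red findings only
    },
}

# Block every public-access vector: public ACLs and public bucket policies.
PUBLIC_ACCESS_BLOCK: Dict[str, bool] = {
    "BlockPublicAcls": True,
    "IgnorePublicAcls": True,
    "BlockPublicPolicy": True,
    "RestrictPublicBuckets": True,
}

# Assumed in-code allow-list for buckets that are intentionally public.
# The pattern itself relies on Trusted Advisor's "Exclude & Refresh" instead.
ALLOWED_PUBLIC_BUCKETS = frozenset({"public-website-assets"})


def extract_flagged_bucket(event: Dict[str, Any]) -> Optional[str]:
    """Return the bucket name if the event is a WARN/ERROR S3 permissions finding, else None."""
    if event.get("source") != "aws.trustedadvisor":
        return None
    detail = event.get("detail", {})
    if detail.get("check-name") != "Amazon S3 Bucket Permissions":
        return None
    if detail.get("status") not in ("WARN", "ERROR"):
        return None
    return detail.get("check-item-detail", {}).get("Bucket Name")


def lock_down_bucket(bucket: str, s3_client: Any) -> Dict[str, Any]:
    """Apply a full Public Access Block to `bucket` unless it is allow-listed."""
    if bucket in ALLOWED_PUBLIC_BUCKETS:
        return {"bucket": bucket, "action": "skipped-allowlisted"}
    s3_client.put_public_access_block(
        Bucket=bucket, PublicAccessBlockConfiguration=PUBLIC_ACCESS_BLOCK
    )
    return {"bucket": bucket, "action": "public-access-blocked"}


def handler(event: Dict[str, Any], context: Any = None, s3_client: Any = None) -> Dict[str, Any]:
    """Lambda entry point. `s3_client` is injectable so the logic can be tested offline."""
    bucket = extract_flagged_bucket(event)
    if bucket is None:
        return {"action": "ignored"}
    if s3_client is None:
        import boto3  # imported lazily; only needed when running inside Lambda
        s3_client = boto3.client("s3")
    return lock_down_bucket(bucket, s3_client)


# Constructed sample event in the shape Trusted Advisor delivers via EventBridge.
SAMPLE_EVENT: Dict[str, Any] = {
    "version": "0",
    "id": "00000000-0000-0000-0000-000000000000",
    "detail-type": "Trusted Advisor Check Item Refresh Notification",
    "source": "aws.trustedadvisor",
    "account": "123456789012",
    "time": "2024-01-01T00:00:00Z",
    "region": "us-east-1",
    "resources": [],
    "detail": {
        "check-name": "Amazon S3 Bucket Permissions",
        "check-item-detail": {
            "Region": "us-west-2",
            "Region API Parameter": "us-west-2",
            "Bucket Name": "example-leaky-bucket",
            "ACL Allows List": "Yes",
            "ACL Allows Upload/Delete": "No",
            "Policy Allows Access": "No",
            "Status": "Yellow",
        },
        "status": "WARN",
        "resource_id": "arn:aws:s3:::example-leaky-bucket",
        "uuid": "00000000-0000-0000-0000-000000000001",
    },
}


class RecordingS3Client:
    """Stand-in for boto3's S3 client that records calls instead of making them."""

    def __init__(self) -> None:
        self.calls: List[Dict[str, Any]] = []

    def put_public_access_block(self, **kwargs: Any) -> Dict[str, Any]:
        self.calls.append(kwargs)
        return {"ResponseMetadata": {"HTTPStatusCode": 200}}


if __name__ == "__main__":
    fake = RecordingS3Client()
    print(json.dumps(handler(SAMPLE_EVENT, s3_client=fake)))
    print(json.dumps(fake.calls, indent=2))
```

The Lambda's execution role needs `s3:PutPublicAccessBlock` on the buckets it may remediate; scope it to the account's buckets rather than `*` where you can. Filtering on `status` in the event pattern keeps the function from being invoked for OK refreshes, and the allow-list is a defence in depth only: the authoritative exclusion is the Trusted Advisor console, as described above.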



Clone repo

git clone https://github.com/aws-samples/serverless-patterns/
cd serverless-patterns/ta-eventbridge-lambda-s3

Deploy

See the GitHub repo for detailed deployment instructions.


Testing

See the GitHub repo for detailed testing instructions.

Cleanup

1. Delete the stack: npx cdk destroy.
2. Confirm the stack has been deleted: aws cloudformation list-stacks --query "StackSummaries[?contains(StackName,'STACK_NAME')].StackStatus" (replace STACK_NAME with the name of your deployed stack).
3. The query returns DELETE_COMPLETE once the stack and its resources are gone.

Created by:

Sean Kendall

AWS Sr. Technical Account Manager and Serverless Specialist. Sean enjoys helping AWS customers improve their serverless architecture by teaching new concepts, and performing architecture reviews.