Is there a way to create aws eventbridge rule to apply for only one resource?

Time:08-18

For example, I have an IAM EventBridge rule that is triggered for any changes to the roles, as below:

{
  "source": ["aws.iam"],
  "detail-type": ["AWS API Call via CloudTrail"],
  "detail": {
    "eventSource": ["iam.amazonaws.com"],
    "eventName": ["AttachGroupPolicy", "AttachRolePolicy", "AttachUserPolicy", "DetachGroupPolicy", "DetachRolePolicy", "DetachUserPolicy", "PutGroupPolicy", "PutRolePolicy", "PutUserPolicy"]
  }
}

Is there any way to update this rule so that it triggers only if this happens for, say, the role testone?

CodePudding user response:

I am not sure about the EventBridge filter for the purpose, but I found a very easy technique from the link below: https://aws.amazon.com/premiumsupport/knowledge-center/eventbridge-create-custom-event-pattern/ So basically you have to let the event you are targeting appear in your CloudTrail (or get the email notifications) and then copy and paste only the wanted part. So for my problem I did this, and it is working exactly as I wanted.

{
  "source": ["aws.iam"],
  "detail-type": ["AWS API Call via CloudTrail"],
  "detail": {
    "eventSource": ["iam.amazonaws.com"],
    "eventName": ["AttachGroupPolicy", "AttachRolePolicy", "AttachUserPolicy", "DetachGroupPolicy", "DetachRolePolicy", "DetachUserPolicy", "PutGroupPolicy", "PutRolePolicy", "PutUserPolicy"],
    "requestParameters": {
      "roleName": ["testone"]
    }
  }
}
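To see why adding requestParameters.roleName narrows the rule, here is an added example (not AWS code and not from the answer above) that re-implements the exact-match subset of EventBridge pattern semantics in Python and runs the refined pattern over constructed CloudTrail events; the role names, policy ARN and user name are sample values.

```python
# Added example (not AWS code): minimal exact-match EventBridge pattern matcher.
# Nested objects are ANDed, a list of values is an OR, and a key missing from the
# event never matches. The CloudTrail events at the bottom are constructed samples.

PATTERN = {
    "source": ["aws.iam"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["iam.amazonaws.com"],
        "eventName": ["AttachRolePolicy", "DetachRolePolicy", "PutRolePolicy", "AttachUserPolicy"],
        "requestParameters": {"roleName": ["testone"]},
    },
}

def matches(pattern, event):
    """True if `event` satisfies `pattern` (scalar event values, exact match only)."""
    for key, expected in pattern.items():
        if key not in event:
            return False  # field absent from the event: the rule cannot fire
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        elif actual not in expected:  # any listed value is acceptable (OR)
            return False
    return True

def cloudtrail_event(event_name, params):
    """Constructed CloudTrail-via-EventBridge envelope with only the fields the rule reads."""
    return {
        "source": "aws.iam",
        "detail-type": "AWS API Call via CloudTrail",
        "detail": {"eventSource": "iam.amazonaws.com", "eventName": event_name,
                   "requestParameters": params},
    }

def delivered(events):
    """eventNames of the events the rule would forward to its target."""
    return [e["detail"]["eventName"] for e in events if matches(PATTERN, e)]

SAMPLE_EVENTS = [
    cloudtrail_event("AttachRolePolicy", {"roleName": "testone", "policyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}),
    cloudtrail_event("PutRolePolicy", {"roleName": "other-role", "policyName": "inline"}),
    cloudtrail_event("AttachUserPolicy", {"userName": "alice"}),  # no roleName key: never matches
    cloudtrail_event("CreateRole", {"roleName": "testone"}),  # right role, eventName not listed
]

if __name__ == "__main__":
    print(delivered(SAMPLE_EVENTS))  # ['AttachRolePolicy']
```

Note that the user-policy events in the original list can never match once roleName is required, because those events carry userName instead; keep separate rules if you also want to alert on them.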

CodePudding user response:

You would use an EventBridge filter for your rule so that it only matches the specific role.
