Automating AWS Console Login Monitoring : A Comprehensive Guide

Hi, everyone!

My name is Santosh Kumar Sha, and I’m a Security Researcher, Security Engineer from Assam, India. In this article, I will demonstrate how I automated AWS Console Login event notifications to enhance security and monitoring.

Tools and Services Used

• AWS CLI: Command-line tool to manage AWS services.
• AWS CloudTrail: Service to log, continuously monitor, and retain account activity.
• AWS CloudWatch: Monitoring and observability service.
• Amazon SNS (Simple Notification Service): Service for sending notifications.
• AWS SSO (Single Sign-On): Service for single sign-on access to multiple AWS accounts and applications.
• AWS Lambda: Serverless compute service to run code in response to events.
• Amazon EventBridge: Serverless event bus service for integrating AWS services and custom applications.

Executive Summary

In today’s cloud-driven world, automating security and compliance processes is essential for operational efficiency and reliability. This document details the implementation of an automated system within an AWS Management Account to manage and notify users about AWS Single Sign-On (SSO) events. Leveraging AWS services such as CodePipeline, CodeDeploy, CloudFormation, EventBridge, Lambda, SNS, and CloudTrail, we…