Event pattern for AWS Secrets Manager with a filter pattern

Time: 2020-11-10 19:55:23

Tags: amazon-cloudwatch aws-secrets-manager aws-event-bridge

I want to run a Lambda when a specific secret is modified/created/deleted in Secrets Manager.

I have deployed a CloudWatch Events rule with a target Lambda using the following event pattern.

{
  "source": [
    "aws.secretsmanager"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "secretsmanager.amazonaws.com"
    ],
    "eventName": [
      "CreateSecret",
      "UpdateSecret",
      "DeleteSecret",
      "PutSecretValue"
    ]
  }
}

The rule is triggered for any API request that hits secretsmanager.amazonaws.com. Is there a way to filter for the specific secrets I'm interested in?

1 answer:

Answer 0 (score: 0)

requestParameters and secretId:

{
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "secretsmanager.amazonaws.com"
    ],
    "eventName": [
      "CreateSecret",
      "UpdateSecret",
      "DeleteSecret",
      "PutSecretValue"
    ],
    "requestParameters": {
      "secretId": [
        "arn:aws:secretsmanager:*:*:secret:secret_name"
      ]
    }
  }
}
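Two caveats a practitioner will hit with the pattern above. First, EventBridge compares strings exactly (or with an explicit operator such as prefix), so the `*` segments in the ARN are literal characters, not wildcards, and the value in `secretId` is whatever the caller passed: sometimes the secret name, sometimes the full ARN, which ends in a random six-character suffix. Second, `CreateSecret` carries the secret under `name`, not `secretId`, and keys inside one pattern object are ANDed, so one rule cannot cover both shapes. The script below is an added example, not code from the question or the answer: it re-implements just the exact-match and `prefix` semantics of EventBridge patterns (an assumption; it is not the AWS matcher) and runs the answer's pattern and two corrected rules against constructed CloudTrail events. The secret name, account and region are hypothetical.

```python
"""Added example: does an EventBridge pattern fire for a specific secret?

Models only the exact-match and {"prefix": ...} semantics of EventBridge
event patterns (a simplification, not the AWS implementation) and runs a
few constructed "AWS API Call via CloudTrail" events through three patterns.
"""
from typing import Any

SECRET_NAME = "prod/db/password"            # hypothetical secret
ACCOUNT, REGION = "123456789012", "us-east-1"  # hypothetical account/region
# A secret ARN ends in a random 6-character suffix, so match on the prefix up to the dash.
SECRET_ARN_PREFIX = f"arn:aws:secretsmanager:{REGION}:{ACCOUNT}:secret:{SECRET_NAME}-"
# Callers may pass either the name or the ARN as SecretId; a list of values means OR.
SECRET_ID_RULE = [SECRET_NAME, {"prefix": SECRET_ARN_PREFIX}]

COMMON = {
    "source": ["aws.secretsmanager"],
    "detail-type": ["AWS API Call via CloudTrail"],
}

PATTERNS = {
    # The answer's pattern as posted: '*' is a literal character, not a wildcard.
    "answer_as_posted": {**COMMON, "detail": {
        "eventSource": ["secretsmanager.amazonaws.com"],
        "eventName": ["CreateSecret", "UpdateSecret", "DeleteSecret", "PutSecretValue"],
        "requestParameters": {"secretId": ["arn:aws:secretsmanager:*:*:secret:secret_name"]},
    }},
    # Calls that identify the secret through SecretId (name or ARN).
    "modify_one_secret": {**COMMON, "detail": {
        "eventSource": ["secretsmanager.amazonaws.com"],
        "eventName": ["UpdateSecret", "DeleteSecret", "PutSecretValue"],
        "requestParameters": {"secretId": SECRET_ID_RULE},
    }},
    # CreateSecret names the secret in `name`; keys inside one object are ANDed,
    # so it needs its own rule rather than a second key in the rule above.
    "create_one_secret": {**COMMON, "detail": {
        "eventSource": ["secretsmanager.amazonaws.com"],
        "eventName": ["CreateSecret"],
        "requestParameters": {"name": [SECRET_NAME]},
    }},
}


def _event(event_name: str, params: dict) -> dict:
    """Constructed CloudTrail-via-EventBridge event with only the fields used here."""
    return {
        "source": "aws.secretsmanager",
        "detail-type": "AWS API Call via CloudTrail",
        "detail": {
            "eventSource": "secretsmanager.amazonaws.com",
            "eventName": event_name,
            "requestParameters": params,
        },
    }


EVENTS = {  # constructed sample events
    "put_by_name": _event("PutSecretValue", {"secretId": SECRET_NAME}),
    "put_by_arn": _event("PutSecretValue", {"secretId": SECRET_ARN_PREFIX + "AbCdEf"}),
    "create": _event("CreateSecret", {"name": SECRET_NAME}),
    "delete_other": _event("DeleteSecret", {"secretId": "dev/scratch"}),
}


def _leaf_matches(rule: Any, value: Any) -> bool:
    """One entry of a value list: a literal (exact match) or a {"prefix": ...} operator."""
    if isinstance(rule, dict):
        if list(rule) == ["prefix"]:
            return isinstance(value, str) and value.startswith(rule["prefix"])
        raise ValueError(f"unsupported operator: {rule}")
    return rule == value


def matches(pattern: dict, event: dict) -> bool:
    """Every key in the pattern must be present in the event and match (AND);
    a list of values matches if any entry matches (OR); nested objects recurse."""
    for key, rule in pattern.items():
        if key not in event:
            return False
        if isinstance(rule, dict):
            if not isinstance(event[key], dict) or not matches(rule, event[key]):
                return False
        elif not any(_leaf_matches(r, event[key]) for r in rule):
            return False
    return True


def firing_rules(event: dict) -> list[str]:
    """Names of the patterns in PATTERNS that would fire for this event."""
    return [name for name, pat in PATTERNS.items() if matches(pat, event)]


if __name__ == "__main__":
    for name, ev in EVENTS.items():
        print(f"{name:<12} -> {firing_rules(ev)}")
```

As the output shows, the pattern as posted fires for none of the events, while the split rules fire exactly once per call on the target secret and never for `dev/scratch`. Before deploying, check a real pattern against a real event with `aws events test-event-pattern --event-pattern file://pattern.json --event file://event.json`, and remember that "AWS API Call via CloudTrail" events only reach EventBridge if CloudTrail is recording management events in that account and region.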