Day 23 - Building S3 Security & Operations Monitoring using Terraform, CloudTrail, CloudWatch and SNS
For Day 23 of my AWS Terraform journey, I built a security monitoring solution for Amazon S3 using Terraform modules. The goal of this project was to monitor S3 object-level activity, detect suspicious access patterns, and send email alerts automatically using native AWS services.

This project uses:

- Amazon S3
- AWS CloudTrail
- Amazon CloudWatch Logs
- CloudWatch Metric Filters
- CloudWatch Alarms
- Amazon SNS
- Terraform Modules

Project Objective

The monitoring solution performs the following:

- Creates a monitored S3 bucket with a random suffix
- Captures S3 object-level API activity using CloudTrail Data Events
- Sends CloudTrail logs to CloudWatch Logs
- Uses Metric Filters to detect:
  - AccessDenied or 403 errors
  - Access to restricted prefixes such as private/*
- Triggers CloudWatch Alarms when suspicious activity is detected
- Sends email notifications through Amazon SNS

Architecture Diagram

This diagram should show:

- User accessing S3 bucket
- CloudTrail captu...
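
One way the two metric filters listed under Project Objective could be wired to alarms and an SNS email topic; this is an added example, not the author's module code. The variables, resource names, metric namespace, alarm settings and both filter patterns (including matching "403" inside `errorCode`) are assumptions.

```hcl
# Added example; all names, thresholds and patterns below are assumptions.
variable "cloudtrail_log_group_name" { type = string } # log group the trail writes to
variable "alert_email" { type = string }

locals {
  # CloudWatch Logs JSON filter patterns, evaluated against each CloudTrail event.
  detections = {
    AccessDenied     = "{ ($.eventSource = \"s3.amazonaws.com\") && (($.errorCode = \"AccessDenied\") || ($.errorCode = \"*403*\")) }"
    RestrictedPrefix = "{ ($.eventSource = \"s3.amazonaws.com\") && ($.requestParameters.key = \"private/*\") }"
  }
}

resource "aws_sns_topic" "s3_alerts" {
  name = "s3-security-alerts"
}

# Email subscriptions stay pending until the recipient confirms them.
resource "aws_sns_topic_subscription" "email" {
  topic_arn = aws_sns_topic.s3_alerts.arn
  protocol  = "email"
  endpoint  = var.alert_email
}

resource "aws_cloudwatch_log_metric_filter" "s3" {
  for_each       = local.detections
  name           = "s3-${each.key}"
  log_group_name = var.cloudtrail_log_group_name
  pattern        = each.value

  metric_transformation {
    name      = "S3${each.key}Count"
    namespace = "S3SecurityMonitoring"
    value     = "1" # emit 1 per matching event
  }
}

resource "aws_cloudwatch_metric_alarm" "s3" {
  for_each            = local.detections
  alarm_name          = "s3-${each.key}"
  namespace           = "S3SecurityMonitoring"
  metric_name         = "S3${each.key}Count"
  statistic           = "Sum"
  period              = 300
  evaluation_periods  = 1
  threshold           = 1
  comparison_operator = "GreaterThanOrEqualToThreshold"
  treat_missing_data  = "notBreaching" # no matches means no datapoints, not an alarm
  alarm_actions       = [aws_sns_topic.s3_alerts.arn]
}
```

As written, the RestrictedPrefix pattern counts every logged data event on a `private/` key, successful or denied, so it only fires if the trail's data event selector covers that bucket.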