AWS IAM

Events that Trigger (Re)Scan

Create Events
  • CreateUser - A new user account is created.
  • CreateGroup - A new user group is created.
  • CreateRole - A new role is created with specific permissions.

Update Events
  • UpdateUser - Modifications are made to an existing user.
  • UpdateGroup - Changes are made to a group, such as adding or removing members.
  • UpdateRole - A role is updated with new permissions or settings.
  • AttachUserPolicy - A policy is attached to a user, modifying access rights.
  • DetachUserPolicy - A policy is removed from a user, altering permissions.
  • PutUserPolicy - A new policy is assigned to a user.
  • AttachGroupPolicy - A policy is attached to a group, affecting all its members.
  • DetachGroupPolicy - A policy is removed from a group.
  • PutGroupPolicy - A policy is assigned to a group.
  • AttachRolePolicy - A policy is attached to a role, modifying access rights.
  • DetachRolePolicy - A policy is removed from a role.
  • PutRolePolicy - A new policy is assigned to a role.
  • ChangePassword - A user changes their password.
  • AddUserToGroup - A user is added to a group, changing their access permissions.
  • RemoveUserFromGroup - A user is removed from a group.

Delete Events
  • DeleteUser - A user account is deleted.
  • DeleteGroup - A group is deleted along with its associated permissions.
  • DeleteRole - A role is deleted from IAM.

Other Processed Events

Informational Events
  • ConsoleLogin - A user logs in through the AWS console.
  • SignInFailure - A login attempt fails.
  • SignInSuccess - A login attempt is successful.
  • FederatedLogin - A user logs in via federated authentication.
  • SessionStart - A session begins.
  • SessionEnd - A session ends.
  • GenerateCredentialReport - A report on credentials is generated.
  • GetCredentialReport - A credential report is retrieved.
  • ListAccessKeys - Access keys for a user are listed.
  • ListUserTags - Tags associated with a user are retrieved.
  • ListUsers - Users within an AWS account are listed.
  • ListGroups - Groups within an AWS account are listed.
  • ListRoles - Roles within an AWS account are listed.
  • GetUser - Information about a specific user is retrieved.
  • GetGroup - Information about a specific group is retrieved.
  • GetRole - Information about a specific role is retrieved.