Best practices are to protect your AWS account with MFA authentication – especially your root account which is most critical and has the super power rights to all of your AWS resources
It is recommended that you set up to alerted when users logins
below is a step by step process to setup email alerts for AWS logins
- Create a subscription by going to the “SNS dashboard
create a topic first
Click on create subscription to create a new subscription
The subscriptions lets you set up an end point where you can choose to get the alerts
- this shows the resource ARN
- this is the output format
- this lets you define the end point, in this case we are using an email
Once you have the subscription created then you will need to go to “Cloudwatch” to create a new rule which will then use your SNS topic to send alerts
here you will to do fo four steps to get the alert
- create a new rule and from the drop down menu choose the AWS Console login
- choose the ARN for the user or any user if you want to be notified for every logins
- Choose SNS topic on the Targets
- choose the topic that you created earlier in the SNS
Click on configure details to go to the next step and name the rule
This rule will trigger the alerts and this completes the step by step process of configuring the alerts