AWS Organizations Changes Alarm
More Info:
Amazon Organizations changes should be monitored using AWS CloudWatch alarms.Risk Level
LowAddress
SecurityCompliance Standards
HIPAA, HITRUST, CISAWS, CBPTriage and Remediation
Remediation
Using Console
Using Console
The AWS Organizations Changes Alarm is triggered when there is a change in the AWS Organizations structure, such as adding or removing accounts, or changing the root email address. To remediate this misconfiguration, you can follow these steps:
- Log in to your AWS Management Console.
- Navigate to the CloudWatch service.
- Click on “Alarms” in the left-hand menu.
- Find the “AWS Organizations Changes Alarm” in the list of alarms.
- Click on the alarm to view its details.
- Click on the “Actions” dropdown menu and select “Disable Alarm Actions”.
- Click “Save” to disable the alarm.
Using CLI
Using CLI
The AWS Organizations Changes Alarm is triggered when there are changes made to the AWS Organizations service. To remediate this issue, you can follow the below steps using AWS CLI:Replace the This should return the details of the alarm that you just created.
- Log in to your AWS account using AWS CLI.
- Run the following command to create an SNS topic that will be used to send notifications when the alarm is triggered:
- Run the following command to create a new CloudWatch alarm:
<alarm-name> with a name of your choice, <sns-topic-arn> with the ARN of the SNS topic created in step 2.- Verify that the alarm has been created successfully by running the following command:
- Finally, you can test the alarm by making a change to your AWS Organizations service. If the alarm is triggered, you should receive a notification via the SNS topic created in step 2.
Using Python
Using Python
The AWS Organizations Changes Alarm is triggered when there are changes made to the AWS Organizations service. To remediate this issue using Python, you can follow these steps:These steps will help you remediate the AWS Organizations Changes Alarm issue using Python.
- Create an SNS topic: You can create an SNS topic using the AWS SDK for Python (boto3). This topic will be used to send notifications whenever there is a change in the AWS Organizations service.
- Create a CloudWatch Events rule: You can create a CloudWatch Events rule to monitor changes to the AWS Organizations service. This rule will trigger an AWS Lambda function whenever there is a change.
- Create an AWS Lambda function: You can create an AWS Lambda function using the AWS SDK for Python (boto3). This function will be triggered by the CloudWatch Events rule and will send a notification to the SNS topic.
- Add permissions to the Lambda function: You need to add permissions to the Lambda function to allow it to publish messages to the SNS topic.
- Create a CloudWatch alarm: You can create a CloudWatch alarm to monitor the SNS topic. This alarm will be triggered whenever a message is published to the SNS topic.