📄️ Introduction to CloudTrail Alerts
This section provides information about some of the CloudTrail security alerts visible in the Lacework Console.
📄️ Access Key Deleted
This event detects the deletion of an existing access key.
📄️ CloudTrail Changed
This event detects an AWS CloudTrail change.
📄️ CloudTrail Deleted
This event detects if an AWS CloudTrail was deleted.
📄️ CloudTrail Stopped
This event detects if AWS CloudTrail logging has been stopped.
📄️ IAM Access Key Changed
This event detects the creation of a new IAM Access key and the deletion of an existing access key.
📄️ IAM Policy Changed
This event detects an AWS IAM policy change.
📄️ NACL Change
This event detects an AWS network ACL change.
📄️ Network Gateway Change
This event detects a network gateway change.
📄️ New Access Key
This event detects the creation of a new AWS access key.
📄️ New Customer Master Key
This event detects the creation of a new AWS customer master key.
📄️ New Customer Master Key Alias
This event detects the creation of a new AWS customer master key alias.
📄️ New S3 Bucket
This event detects the creation of a new AWS S3 bucket.
📄️ New VPC
This event detects the creation of a new VPC.
📄️ New VPN Connection
This event detects the creation of a new VPN connection.
📄️ Route Table Change
This event detects a route table change.
📄️ S3 Bucket ACL Changed
This event detects an S3 bucket ACL change.
📄️ S3 Bucket Deleted
This event detects the deletion of an S3 bucket in any AWS account.
📄️ S3 Bucket Policy Changed
This event detects an AWS S3 bucket policy change.
📄️ Security Group Change
This event detects a security group permissions change and deletion of a security group.
📄️ VPC Change
This event detects a VPC configuration change.
📄️ VPN Gateway Change
This event detects a VPN gateway change.