Not monitoring API calls for changes made to Identity and Access Management (IAM) policies

Details

This rule checks for adherence to Center for Internet Security (CIS) Recommendation 3.4, Ensure a log metric filter and alarm exist for IAM policy changes. https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf#page=97

Tags: cis