Update risk_credentials_exposed.serverless.yaml with all possible eve…

…ntcode type for IAM KEY exposure Added all possible event codes related to IAM access key exposure - "category": "issue", "code": "AWS_RISK_CREDENTIALS_COMPROMISED", "service": "RISK" }, { "category": "issue", "code": "AWS_RISK_CREDENTIALS_COMPROMISE_SUSPECTED", "service": "RISK" }, { "category": "issue", "code": "AWS_RISK_CREDENTIALS_EXPOSED", "service": "RISK" }, { "category": "issue", "code": "AWS_RISK_CREDENTIALS_EXPOSURE_SUSPECTED", "service": "RISK"
aws · Aug 9, 2023 · d49f9ba · d49f9ba
1 parent 487b1ee
commit d49f9ba
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/...ions/AWS_RISK_CREDENTIALS_EXPOSED/cloudformation/risk_credentials_exposed.serverless.yaml b/...ions/AWS_RISK_CREDENTIALS_EXPOSED/cloudformation/risk_credentials_exposed.serverless.yaml
@@ -17,7 +17,11 @@ Resources:
           eventTypeCategory:
             - "issue"
           eventTypeCode:
+            - "AWS_RISK_CREDENTIALS_COMPROMISED"
+            - "AWS_RISK_CREDENTIALS_COMPROMISE_SUSPECTED"
             - "AWS_RISK_CREDENTIALS_EXPOSED"
+            - "AWS_RISK_CREDENTIALS_EXPOSURE_SUSPECTED"
+            - "AWS_RISK_IAM_QUARANTINE"
       State: "ENABLED"
       Targets: 
         -