Notifications in AWS Audit Manager

AWS Audit Manager can notify you about user actions through Amazon Simple Notification Service (Amazon SNS).

Audit Manager sends notifications when one of the following events occurs:

  • An audit owner delegates a control set and its evidence for review.

  • A delegate completes their review of a control set.

  • A sender shares a custom framework with another AWS account.

  • A sender shares a custom framework to another AWS Region under their own account.

  • An active share request for a custom framework is due to expire within the next 30 days.

Prerequisites

Before you set up Amazon SNS notifications in AWS Audit Manager, make sure that you complete the following steps.

  1. Create a topic in Amazon SNS if you don't have one already. For instructions, see Creating an Amazon SNS topic in the Amazon Simple Notification Service Developer Guide.

  2. Subscribe at least one endpoint to the topic. For example, if you want to receive notifications by text message, subscribe an SMS endpoint (that is, a mobile phone number) to the topic. To receive notifications by email, subscribe an email endpoint (an email address) to the topic.

    For more information, see Getting Started in the Amazon Simple Notification Service Developer Guide.

  3. (Optional) If your topic uses AWS Key Management Service (AWS KMS) for server-side encryption (SSE), you have to add permissions to the AWS KMS key policy. You can add permissions by attaching the following policy to the AWS KMS key policy:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "AllowAuditManagerToUseKMSKey",
          "Effect": "Allow",
          "Principal": {
            "Service": "auditmanager.amazonaws.com"
          },
          "Action": [
            "kms:GenerateDataKey",
            "kms:Decrypt"
          ],
          "Resource": "*"
        }
      ]
    }

Configuring notifications in AWS Audit Manager

Follow these steps to configure your notifications in AWS Audit Manager.

To configure notifications in AWS Audit Manager

  1. Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home.

  2. In the left navigation pane, choose Settings.

  3. Under Notifications - optional, specify the SNS topic that you want to use to receive notifications.

    • To use an existing topic, select the topic name from the dropdown menu.

    • To create a new topic, choose Create new topic. This takes you to the Amazon SNS console where you can create a topic.

  4. When you're done, choose Save.

Note

If you want to use an Amazon SNS topic that you don't own, you must configure your AWS Identity and Access Management (IAM) policy to allow publishing from the Amazon Resource Name (ARN) of the topic. For more information about IAM, see Identity and access management for AWS Audit Manager.

Troubleshooting

I specified an Amazon SNS topic in Audit Manager, but I'm not receiving any notifications

If your Amazon SNS topic uses AWS KMS for server-side encryption (SSE), you might be missing the required permissions for your AWS KMS key policy. You might also fail to receive notifications if you didn't subscribe an endpoint to your topic.

If you aren't receiving notifications, make sure that you did the following:

  • You attached the required permissions policy to your AWS KMS key. An example policy is available in the Prerequisites section of this page.

  • You subscribed an endpoint to the topic that the notifications are sent through. When you subscribe an email endpoint to a topic, you receive an email asking you to confirm your subscription. You have to confirm your subscription before you start receiving email notifications. For more information, see Getting Started in the Amazon SNS Developer Guide.
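The two troubleshooting checks above can be scripted. The following is an added example, not part of the AWS documentation: it assumes you have saved the key policy JSON (as returned by `aws kms get-key-policy`) and the subscription list (as returned by `aws sns list-subscriptions-by-topic`), and the function names and sample data are constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

SERVICE = "auditmanager.amazonaws.com"
REQUIRED = {"kms:GenerateDataKey", "kms:Decrypt"}  # actions from the Prerequisites policy


def _as_list(value):
    """IAM policy elements may be a single string or a list of strings."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def missing_kms_actions(policy_json):
    """Return the required actions that no Allow statement grants to Audit Manager.

    Deny statements and Condition blocks are not evaluated (assumption: simple key policy).
    """
    granted = set()
    for stmt in _as_list(json.loads(policy_json).get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal")
        services = _as_list(principal.get("Service")) if isinstance(principal, dict) else []
        if principal != "*" and SERVICE not in services:
            continue
        patterns = [p.lower() for p in _as_list(stmt.get("Action"))]
        for action in REQUIRED:
            # Action names are case-insensitive and may be wildcards such as "kms:*".
            if any(fnmatchcase(action.lower(), p) for p in patterns):
                granted.add(action)
    return REQUIRED - granted


def confirmed_endpoints(subscriptions):
    """Keep subscriptions whose SubscriptionArn is a real ARN.

    SNS reports unconfirmed subscriptions as "PendingConfirmation".
    """
    return [(s["Protocol"], s["Endpoint"]) for s in subscriptions
            if s.get("SubscriptionArn", "").startswith("arn:")]


# Constructed sample input: a key policy missing kms:GenerateDataKey, and an
# email subscription that was never confirmed.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "AllowAuditManagerToUseKMSKey", "Effect": "Allow",
    "Principal": {"Service": SERVICE}, "Action": "kms:Decrypt", "Resource": "*"}]})
SAMPLE_SUBS = [{"Protocol": "email", "Endpoint": "auditor@example.com",
                "SubscriptionArn": "PendingConfirmation"}]

if __name__ == "__main__":
    print("missing KMS actions:", sorted(missing_kms_actions(SAMPLE_POLICY)))
    print("confirmed endpoints:", confirmed_endpoints(SAMPLE_SUBS))
```

A non-empty set of missing actions points to the key policy; an empty list of confirmed endpoints points to the subscription.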