AWS eventbridge medium security documentation change
Summary
Added JSON policy example for event bus log delivery permissions
Security assessment
Added explicit IAM policy example for logging permissions, enabling better audit capabilities. This directly addresses security monitoring by providing clear implementation guidance for event bus logging.
Diff
diff --git a/eventbridge/latest/userguide/eb-event-bus-logs.md b/eventbridge/latest/userguide/eb-event-bus-logs.md index 5489a2148..4ed64a2e1 100644 --- a//eventbridge/latest/userguide/eb-event-bus-logs.md +++ b//eventbridge/latest/userguide/eb-event-bus-logs.md @@ -98,0 +99,22 @@ To enable logging from an event bus, you must grant permissions for EventBridge +JSON + + +**** + + + + { + "Version":"2012-10-17", + "Statement": [ + { + "Sid": "ServiceLevelAccessForLogDelivery", + "Effect": "Allow", + "Action": [ + "events:AllowVendedLogDeliveryForResource" + ], + "Resource": "arn:aws:events:us-east-1:123456789012:event-bus/my-event-bus*" + } + ] + } + +