In many AWS environments, there may be certain regions that have been approved for use, or some regions that may be prohibited due to cost or compliance reasons. Aqua's Real-Time Events service supports the ability to flag API activity in AWS regions to help enforce these standards.

Getting Started

After connecting an AWS account and enabling Real-Time Events, navigate to the "Cloud Accounts" overview page. Locate the account you wish to modify and expand the menu to its right. Select "Event Rules."

Scroll down to the "Unused Regions" section, select the AWS regions you do not want to use, and then save.

Viewing Events

To view any events that violate the "unused region" rule, navigate to the "Events" page and filter by failures. You may also search for events with High Severity, or events with the message "The rule "Monitor All Events" is configured" in the payload.