July 23, 2021 / Nirav Shah
Root User has complete access to all AWS services and resources in the account. Root user account can grant unlimited access to your account and its resources. It’s a best practice to secure root user access to your account.
Set Up An Alert If the root User Logs In Steps:
Go to CloudTrail service

Expand Created Trail


Now Go to Cloudwatch service


In Filter pattern , add this
{ $.userIdentity.type = "Root" && $.userIdentity.invokedBy NOT EXISTS && $.eventType != "AwsServiceEvent" }


Now Create Alarm in Alarm Section





Now try to login as root , You will get email notification as an alert

Nirav Shah is the Director of Eternal Web Pvt Ltd, an AWS Advanced Consulting Partner and certified Odoo Partner based in the UK. With over a decade of experience in cloud computing, digital transformation, and ERP implementation, Nirav helps enterprises adopt the right technology to solve complex business challenges. He specialises in AWS infrastructure, Odoo ERP, and web development solutions for businesses across the UK and beyond.
Have queries about your project idea or concept? Please drop in your project details to discuss with our AWS Global Cloud Infrastructure service specialists and consultants.