I want to create a CloudWatch alarm that monitors secrets rotation and triggers on RotationFailed.
I have checked the AWS documentation about RotationFailed. This document says:
RotationFailed event - a mechanism to inform you that secret rotation failed for an application.
But I can't find how to use the RotationFailed event to trigger an alarm. Please help me create a metric filter and alarm for failed secret rotation.
Try this CloudWatch event:
{
  "source": [
    "aws.secretsmanager"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "secretsmanager.amazonaws.com"
    ],
    "eventName": [
      "RotationFailed"
    ]
  }
}
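A local check of the pattern above against constructed sample events, added here as an example and not part of the original answer. The matcher is a simplified stand-in for EventBridge exact-value matching, and the second detail-type ("AWS Service Event via CloudTrail", used for events CloudTrail records as service events rather than API calls) is an assumption about how RotationFailed is delivered, so confirm it against a real event from your account.

```python
import copy
import json

# Event pattern from the answer above, unchanged.
PATTERN = json.loads("""
{"source": ["aws.secretsmanager"],
 "detail-type": ["AWS API Call via CloudTrail"],
 "detail": {"eventSource": ["secretsmanager.amazonaws.com"],
            "eventName": ["RotationFailed"]}}
""")

API_CALL = "AWS API Call via CloudTrail"
SERVICE_EVENT = "AWS Service Event via CloudTrail"  # assumed delivery type

def matches(pattern, event):
    """Simplified exact-value matching: every pattern key must exist in the
    event; a list means 'equals any listed value', a dict recurses."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        elif actual not in expected:
            return False
    return True

def sample_event(detail_type, event_name):
    """Constructed event skeleton (not captured from a real account)."""
    return {"source": "aws.secretsmanager",
            "detail-type": detail_type,
            "detail": {"eventSource": "secretsmanager.amazonaws.com",
                       "eventName": event_name}}

def widened(pattern):
    """Copy of the pattern that accepts both detail-types."""
    wide = copy.deepcopy(pattern)
    wide["detail-type"].append(SERVICE_EVENT)
    return wide

if __name__ == "__main__":
    for detail_type in (API_CALL, SERVICE_EVENT):
        event = sample_event(detail_type, "RotationFailed")
        print(f"{detail_type}: page pattern={matches(PATTERN, event)}, "
              f"widened={matches(widened(PATTERN), event)}")
```

If the rule never fires on a failed rotation, compare the detail-type of the delivered event with the one in the rule before changing anything else.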