Continuously audit and monitor AWS CloudFormation stack configurations and enforce security compliance as code with Panther.
CloudFormation Stack is a collection of AWS resources that you can manage as a single unit. You can create, update, or delete a collection of resources by creating, updating, or deleting stacks. Use Panther to track real-time changes to your CloudFormation to ensure configurations meet your business requirements for security and compliance.
Monitoring CloudFormation is critical for understanding the history of resources within your stack and detecting suspicious activity. Use Panther’s built in policies for continuous monitoring of CloudFormation stack resources, or write your own detections in Python to fit your internal business use cases.
Common security use cases for CloudFormation with Panther include:
- Associate IAM roles with CloudFormation stacks that ensure least privilege when making changes to your account.
- Protect a CloudFormation stack from accidentally being deleted.
How it Works
The integration is simple and fast:
- Connect your AWS account to Panther
- A baseline scan is performed to identify all existing CloudFormation stacks in your account(s)
- Built-in detections identify security issues
- Alerts will be sent if non-compliant CloudFormation templates exist
Use Panther to search all CloudFormation stacks in an account by name, view their compliance status, associated policies, and configured remediations. Learn more about using Panther to analyze your AWS logs for security insights.