AWS Streaming

The AWS Streaming Analyzer provides insights into streaming services within your AWS environment, specifically targeting Kinesis. It helps monitor stream utilization, audit CloudTrail events, and identify security risks associated with stream access.

Required Blueprints: AWS



Sightlines

Sightline | Description
Kinesis | Surfaces Kinesis stream inventory and related CloudTrail events for monitoring stream activity and detecting misconfi...

Explorer Node Types

Use these node types in Explorer or KAI to query resources surfaced by this analyzer:

aws.kinesis.Stream, aws.sns.Topic, aws.sqs.Queue


  • AWS IAM — Admin policies attached to SNS, Kinesis, and SQS resources
  • AWS Network — Streaming endpoint access patterns

Insight Feed Alerts

  • Unauthorized Stream Access: Identifies unauthorized attempts to access Kinesis streams.
  • Inactive Streams: Detects streams that have been inactive for a defined period, enabling cost optimization.
  • CloudTrail Events Anomaly: Flags unusual CloudTrail events related to streams that may indicate threats or misconfigurations.
  • Excessive Stream Creation or Deletion: Alerts on a high number of stream creation or deletion activities within a short period.
  • Publicly Accessible Streams: Detects streams with overly permissive access policies that could expose data.