1. AWS Audit
  2. Ad-hoc running an Audit

These rules are organized under their respective service. So, this means that IAM may have 40 rules, whereas SNS may have 7 and EC2 may have 56 rules.

You can pick the frequency and time of the day when you want to schedule these checks. We call them Run. A run is a task which executes these checks and updates the audit results in the Dashboard.

In addition, as a user you may want to manually execute a Run. May be you changed some configuration in your AWS account and do not want to wait until the scheduled Run starts. For an ad-hoc run, you can kick-start the Run.

Here is how you do it.

  1. From your Audit Dashboard, go to the individual service details page. E.g.
  1. You will see a Gear icon besides the Service name. In the example below, Cloudwatch Audit, you see an orange Gear icon. Click on it. You can then pick “Run Audit” option.
  1. This will schedule the Run right away. In few seconds your Dashboard should refresh with results.