How to Build a Near Real-Time AWS Resource Creation Dashboard for Complete Cloud Visibility

Arokya

Gaining timely visibility into newly created AWS resources is essential for maintaining security, operational efficiency, and cost control—especially in environments with multiple AWS accounts. To streamline this visibility, we set out to build a near real-time dashboard that consolidates resource creation events across accounts into a single, easy-to-monitor view.

For our initial use case, we focused on tracking key services that typically drive infrastructure changes: EC2, VPC, RDS, Security Groups, S3 Buckets, and IAM Roles. By capturing creation events from these services and surfacing them through a unified dashboard, teams can quickly identify new resources, validate configurations, and improve governance without manually digging through logs or navigating between accounts.

We designed a lightweight, serverless dashboard to automatically detect and display all new resource creations across our AWS accounts. Because we didn’t want to wait for monthly audits or Config reports, we wanted the new resources to appear live in the dashboard.

Although AWS Config gives visibility into existing resources, it doesn’t directly highlight newly created ones.

Each organization account runs AWS Config to record all supported resources, and the Config Aggregator in the management account collects all resource data centrally.

An Amazon EventBridge rule runs hourly and triggers a Publisher Lambda to query resource-creation information and publish the results to CloudWatch Metrics. Another EventBridge schedule runs hourly to fetch the metrics and update the CloudWatch Dashboard, displaying the resource creation details along with the corresponding AWS account ID.

The dashboard updates every hour, reflecting any new EC2, RDS, or S3 resources created during that period.

This visibility has strengthened your governance team’s ability to quickly validate ownership and tagging, reinforcing your control over resource management.

It demonstrates that combining AWS Config, AWS Lambda, and EventBridge enables near-real-time governance without relying on complex tools, making the process accessible and effective.