Collect SOC 2 AWS IAM evidence to Google Sheets with Gmail alerts
Your automated compliance assistant that pulls, formats, and logs AWS infrastructure evidence to Google Sheets on a recurring schedule. Stop manually exporting IAM user lists and CloudTrail logs for your auditors. Thi...
Template notes
Your automated compliance assistant that pulls, formats, and logs AWS infrastructure evidence to Google Sheets on a recurring schedule.
Stop manually exporting IAM user lists and CloudTrail logs for your auditors. This workflow orchestrates the collection of critical infrastructure evidence, validates the data integrity, and appends it to your compliance source of truth automatically. You maintain the cloud; it maintains the proof.
This is not a generic "checklist" template. It is a functional operational pipeline designed to generate empirical evidence for Trust Services Criteria (TSC) compliance.
---
How the workflow works The workflow executes in four strategic stages:
1. Initialize & Schedule: The workflow runs on a quarterly cron schedule (or manual trigger). It initializes the audit metadata, including a precise collection timestamp and the specific Trust Services Criteria (TSC) category being addressed. 2. Native AWS Extraction: Using the native AWS IAM node, the workflow queries your global identity directory. It fetches the "Get Many" user list, ensuring a clean capture of every active identity currently possessing access to your infrastructure. 3. Data Normalization: A specialized code node parses the raw AWS response. It extracts critical auditor data—including Usernames, ARNs, and Account Creation Dates—and injects a "Review Required" status to facilitate human-in-the-loop compliance verification. 4. Evidence Logging & Reporting: Success Path: Evidence is appended to your master Google Sheet. A summarizer node calculates the total user count and fires a professional HTML Executive Summary to your inbox. Failure Path: If authentication fails (e.g., Signature Mismatch) or the directory is empty, a high-priority warning email is sent with specific troubleshooting steps to ensure you never miss a compliance window.
---
Benefits Auditor-Ready Structure: Does not just dump data; it organizes it by ARN and Creation Date with a built-in "Review Status" column for your compliance team. Self-Healing Logic: Built-in SignatureDoesNotMatch detection. If the AWS connection drops, you get a detailed troubleshooting alert instead of a silent failure. Zero Data Loss: Uses n8n's native credential encryption to securely handle AKIA keys, ensuring your most sensitive infrastructure metadata is never exposed in logs. Eliminates "Audit Panic": By running on a quarterly schedule, you build a continuous trail of evidence, avoiding the 40-hour "last-minute scramble" before the auditor arrives. Executive Visibility: Every run generates a formatted HTML report. You don't have to check a spreadsheet to know you're compliant; you'll see the green "Success" header in your inbox.