Reputation: 849
How can I determine the AWS account username of the user that last started an EC2 instance?
We have quite a lot of EC2 instances all being used for various projects. Sometimes, a developer leaves an instance on even though they aren't using it, which wastes money. We have alarms set up to check if an instance isn't being used, but we also want to be able to ask the developer who started the instance about it, without having to send out a mass email to all developers.
Is there some way to determine the AWS username of the user who last started an EC2 instance? Is there any way to get info on who started an instance?
Upvotes: 2
Views: 337
Answers (1)
Reputation: 2129
If you enable AWS CloudTrail, you can get detailed, machine-readable logs about which APIs were invoked by whom, and when. The logs are then placed in an S3 bucket on a periodic basis. Here's a sample EC2 StartInstances log entry:
{
"Records": [{
"eventVersion": "1.0",
"userIdentity": {
"type": "IAMUser",
"principalId": "EX_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:user/Alice",
"accessKeyId": "EXAMPLE_KEY_ID",
"accountId": "123456789012",
"userName": "Alice"
},
"eventTime": "2014-03-06T21:22:54Z",
"eventSource": "ec2.amazonaws.com",
"eventName": "StartInstances",
"awsRegion": "us-west-2",
"sourceIPAddress": "205.251.233.176",
"userAgent": "ec2-api-tools 1.6.12.2",
"requestParameters": {
"instancesSet": {
"items": [{
"instanceId": "i-ebeaf9e2"
}]
}
},
"responseElements": {
"instancesSet": {
"items": [{
"instanceId": "i-ebeaf9e2",
"currentState": {
"code": 0,
"name": "pending"
},
"previousState": {
"code": 80,
"name": "stopped"
}
}]
}
}
},
... additional entries ...
]
}
Upvotes: 3
Related Questions
- How to find the username of the instance launched in amazon-ec2?
- AWS: how to see the services a particular user account has been using
- Which user launched EC2 instance?
- Finding EC2 instance ID for someone else's instance
- How can i get userId of aws account?
- How to find out who creates the ec2 instance on AWS?
- Get AWS Account ID from instance
- How to fetch details of user who created an EC2 instance
- How can I get list of all ec2 instances created by an IAM user
- How to map the Instances with the user who created it