Henry Henrinson
Reputation: 5412
How can I monitor AWS S3 access by user?
I have a number of IAM AWS users and I would like to:
- See when and how much data each user is accessing.
- Limit the amount of monthly data each user can read (to keep costs under control)
Is there a way to do that from within AWS?
The scenario I am trying to avoid here is having one user spam AWS S3 requests in a tight loop and generating a huge bill. I would like to be able to block access for that one particular user before they can rack up too huge a bill.
Upvotes: 3
Views: 479
Answers (1)
filipebarretto
Reputation: 1952
There is no direct way of monitoring IAM Users data usage in AWS. One (complex) approach to have some monitoring of this kind if you are using only S3 would be:
- Implement AWS CloudTrail for auditing
- Use CloudTrail logs to monitor user activity, such as GetObject requests to S3
- Implement functions to get the S3 object size and multiply by the number of get requests of each user
- Implement alarms related to that consumption per user
Its neither a simple nor an efficient approach, but there is no direct way of doing so in AWS.
Upvotes: 5
Related Questions
- How to get list of users who are accessing the objects in S3 Buckets?
- What is the best way I can automatically enforce S3 server access logging?
- S3 upload and access-How to monitor the direct upload of files from client to s3 from server?
- View current number of requests and data transfer on Amazon S3
- AWS console see what action has been done by which user
- Monitoring AWS account spends
- Looking for usage details on Amazon S3
- AWS S3 file access logs
- Using AWS S3 access logs to track downloads
- How to see requests to S3 bucket?