mrpandey

Reputation: 1029

Find who created a s3 bucket in federated AWS account

My entire team accesses a single AWS account through federated login. Apart from my team, only the admin (root user) has access to this account, and the root user is used only for administration purposes.

We all log in to the AWS console through a SAML-based SSO. The navbar of the AWS console shows the user info as:

Federated Login: TEAM-NAME/[email protected]

Account: 1234-5678-1234

Since it is a single account, the account id is common to all federated users, but the emails are their own. Also, on clicking the "My Account" link in the navbar, the account name is shown as

assumed-role/TEAM-NAME/[email protected]

Part of my project is to identify the creator of some AWS resources. Now, suppose a bucket was created by some federated user. Can I, as another federated user, track who (which email) created this bucket? What about other kinds of resources (not just s3 buckets)?

Upvotes: 1

Views: 1850

Answers (1)

matesio

Reputation: 1604

You can track that using Amazon CloudTrail. But as a federated user, you will have to make sure that you have CloudTrail access. Once you have CloudTrail access, you can filter by the bucket name using the Resource Name filter.

Upvotes: 4
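As an added illustration (not part of the answer above), this script shows how the CloudTrail `CreateBucket` record for a bucket maps back to the person who created it: for a SAML-federated session the `userIdentity.arn` ends in `assumed-role/<ROLE>/<session name>`, and the session name is the email the question describes seeing in the console. The event records below are constructed samples; in practice they come from `aws cloudtrail lookup-events --lookup-attributes AttributeKey=ResourceName,AttributeValue=<bucket>`.

```python
import re
from typing import Dict, List, Optional

# Constructed sample CloudTrail records (not real account data). The fields
# used (eventSource, eventName, userIdentity.arn, requestParameters.bucketName)
# are the ones CloudTrail emits for S3 management events.
SAMPLE_EVENTS: List[Dict] = [
    {"eventTime": "2021-03-04T10:15:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "CreateBucket",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::123456789012:assumed-role/TEAM-NAME/alice@example.com"},
     "requestParameters": {"bucketName": "team-data-bucket"}},
    {"eventTime": "2021-03-04T10:16:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutObject",   # same bucket, but not a creation event
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::123456789012:assumed-role/TEAM-NAME/bob@example.com"},
     "requestParameters": {"bucketName": "team-data-bucket", "key": "a.txt"}},
    {"eventTime": "2021-03-05T08:00:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "CreateBucket",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::123456789012:root"},
     "requestParameters": {"bucketName": "admin-bucket"}},
]

# arn:aws:sts::<account>:assumed-role/<role>/<session name>
ASSUMED_ROLE_ARN = re.compile(r"^arn:aws:sts::(\d{12}):assumed-role/([^/]+)/(.+)$")


def principal_label(user_identity: Dict) -> str:
    """Reduce a CloudTrail userIdentity to the human behind it: the SAML
    session name (the user's email) for assumed-role sessions, otherwise
    the raw ARN (e.g. the root user)."""
    if user_identity.get("type") == "AssumedRole":
        m = ASSUMED_ROLE_ARN.match(user_identity.get("arn", ""))
        if m:
            return m.group(3)
    return user_identity.get("arn", "<unknown>")


def find_bucket_creator(events: List[Dict], bucket: str) -> Optional[Dict]:
    """Return {"bucket", "created_at", "creator"} from the CreateBucket
    event for `bucket`, or None if no such event is in `events`."""
    for ev in events:
        if (ev.get("eventSource") == "s3.amazonaws.com"
                and ev.get("eventName") == "CreateBucket"
                and (ev.get("requestParameters") or {}).get("bucketName") == bucket):
            return {"bucket": bucket, "created_at": ev["eventTime"],
                    "creator": principal_label(ev["userIdentity"])}
    return None


if __name__ == "__main__":
    for name in ("team-data-bucket", "admin-bucket", "missing-bucket"):
        print(name, "->", find_bucket_creator(SAMPLE_EVENTS, name))
```

The console's event history (and `lookup-events`) only covers the last 90 days of management events; for older buckets the same records have to be read from the trail's log files delivered to S3.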
