1 Answer
You can usually infer the resource from the contents of requestParameters or in the responseElements, but the contents will vary widely depending on the API call. There is no single attribute in the CloudTrail output that always indicates which resource(s) are related.
Inferring from your answer, do we have to manually map the attribute for different types of events? For example:

CreateBucket:
requestParameters.bucketName (name will be obtained and not an ARN)

GetBucketAcl:
"requestParameters": { "bucketName": "aws-cloudtrail-logs-21748-f0b24d76", "Host": "aws-cloudtrail-logs-21748-f0b24d76.s3.us-east-1.amazonaws.com", "acl": "" }, "responseElements": null,
requestParameters.bucketName (name will be obtained and not an ARN)

AttachRolePolicy:
"requestParameters": { "roleName": "s3crr_role_for_poc-s3_3", "policyArn": "arn:aws:iam::40385534:policy/service-role/s3crr_for_poc-s3_a3a10f" }, "responseElements": null,
requestParameters.policyArn will be obtained but (roleName will be obtained and not an ARN of role)

Is there any way to get the exact ARN of resources?
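The per-event mapping discussed in this thread, as an added example that is not part of the original answer or comment: a small Python dispatcher that builds ARNs from requestParameters for the three event types mentioned and flags anything unmapped. It assumes the "aws" partition, IAM roles on the default path "/", and takes the account ID from recipientAccountId; the sample records, account ID and names are constructed.

```python
# Added example: per-event extraction of resource ARNs from CloudTrail records.
# Assumptions: "aws" partition; IAM roles use the default path "/".

def _s3_bucket(event):
    name = (event.get("requestParameters") or {}).get("bucketName")
    return [f"arn:aws:s3:::{name}"] if name else []

def _attach_role_policy(event):
    params = event.get("requestParameters") or {}
    account = event.get("recipientAccountId")
    arns = []
    if params.get("roleName") and account:
        # roleName carries no path, so a role created under a custom path
        # will not match this ARN and needs a lookup (e.g. iam:GetRole).
        arns.append(f"arn:aws:iam::{account}:role/{params['roleName']}")
    if params.get("policyArn"):
        arns.append(params["policyArn"])
    return arns

# Keyed by (eventSource, eventName) because event names repeat across services.
EXTRACTORS = {
    ("s3.amazonaws.com", "CreateBucket"): _s3_bucket,
    ("s3.amazonaws.com", "GetBucketAcl"): _s3_bucket,
    ("iam.amazonaws.com", "AttachRolePolicy"): _attach_role_policy,
}

def resource_arns(event):
    """Return (arns, mapped); mapped is False when no extractor exists."""
    # Some records carry an optional top-level "resources" list with ARNs.
    listed = [r["ARN"] for r in event.get("resources") or [] if r.get("ARN")]
    if listed:
        return listed, True
    extractor = EXTRACTORS.get((event.get("eventSource"), event.get("eventName")))
    if extractor is None:
        return [], False  # queue for review instead of guessing a field
    return extractor(event), True

# Constructed sample records (placeholder account ID and names).
SAMPLES = [
    {"eventSource": "s3.amazonaws.com", "eventName": "GetBucketAcl",
     "recipientAccountId": "111122223333",
     "requestParameters": {"bucketName": "example-bucket", "acl": ""},
     "responseElements": None},
    {"eventSource": "iam.amazonaws.com", "eventName": "AttachRolePolicy",
     "recipientAccountId": "111122223333",
     "requestParameters": {"roleName": "example-role",
         "policyArn": "arn:aws:iam::111122223333:policy/example-policy"}},
    {"eventSource": "ec2.amazonaws.com", "eventName": "RunInstances",
     "recipientAccountId": "111122223333", "requestParameters": {}},
]
```

Counting the events that come back with mapped set to False shows which event types still need an extractor before the trail can be used for resource-level review.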