- 新しい順
- 投票が多い順
- コメントが多い順
For sensitive questions, I'd reach out to AWS Support for help as well.
For AWS Management API calls including IAM Changes such as:
- AttachRolePolicy
- PutRolePolicy (Inline Policy on a Role) like you've seen: More information about CloudTrail Logging: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html
In Cloudtrail, you can filter by dates and search by Events as well. For checking the Lambda, you can check Invocation of the Lambda (Lambda being run as well).
There are some AWS Services that offer checks like that such as AWS Config: https://docs.aws.amazon.com/config/latest/developerguide/iam-policy-no-statements-with-admin-access.html, but you may want to evaluate the cost of those services as well.
For information about to do with suspected compromise, read here: https://aws.amazon.com/premiumsupport/knowledge-center/potential-account-compromise/.
Hi, I checked the cloudtrail, I define the time range, then i search event name: attachrolepolicy.
i want to further restricted by user or other criteria, how to do? it only allow me to search one criterial for example Event name
関連するコンテンツ
AWS公式更新しました 2年前- AWS公式更新しました 3年前
