CloudTrail event guardduty.amazonaws.com : GetRemainingFreeTrialDays not readOnly

0

I'm working on analyzing CloudTrail events as they come in, and when I was setting up a filter (ignore events that are readOnly) I was surprised to see the above events coming through. Is that something that should be marked as readOnly, or is it doing something I'm not aware of? Thanks...

{
  "eventVersion" : "1.08",
  "eventTime" : "2023-04-21T14:33:23Z",
  "eventSource" : "guardduty.amazonaws.com",
  "eventName" : "GetRemainingFreeTrialDays",
  "requestParameters" : {
    "detectorId" : "",
    "accountIds" : [ "", "****" ]
  },
  "readOnly" : false,
  "eventType" : "AwsApiCall",
  "managementEvent" : true,
  "eventCategory" : "Management"
}

1 Answer
0

The readOnly field in a CloudTrail event is a Boolean value that indicates whether the API call made was a read-only operation or not. In the case of the event you provided, the readOnly field is set to false, which means that the API call was not a read-only operation.

However, not all API calls are marked as read-only, even if they don't modify any resources. The AWS API is designed to be flexible, and some API calls may not fit neatly into the read-only or write category. For example, the GetRemainingFreeTrialDays API call you provided may not modify any resources, but it still provides information about the account's free trial, which could be considered a non-read-only operation.

It's generally a good practice to filter out CloudTrail events that are read-only, as they are less likely to be associated with security issues. However, as you have noticed, not all events that don't modify resources are marked as read-only. So, it's important to use your judgement and take into account the specific API being called and the context in which it's being used.

Manu
answered a year ago
  • I think I agree with most of this, but probably not the conclusion in this case. An API call often either effects a change to data or system state or something or it doesn't. But I can imagine there are some cases that are a bit fuzzier. But in this case, I'm not sure how that can apply since it is a "get" request and I can't see what data or system state would be changing because of it.

    But, it's not a big deal in any way, just seems confusing.
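
One way to handle the mismatch discussed in this thread, shown as an added example that is not part of the original question, answer or comment: drop events with `readOnly` true, but route events whose name looks like a read (`Get`/`List`/`Describe`) yet carry `readOnly` false to a review bucket instead of treating them as writes. The prefix list, the function names and the sample records are assumptions constructed for this example.

```python
import json
from collections import Counter

# Name prefixes that conventionally denote read-style calls. This list is an
# assumption of the example, not an AWS-defined classification.
READ_STYLE_PREFIXES = ("Get", "List", "Describe")


def classify(event: dict) -> str:
    """Return 'drop', 'review' or 'keep' for one CloudTrail record."""
    if event.get("readOnly") is True:
        return "drop"  # explicitly read-only: filtered out
    # From here on readOnly is false or absent; an absent field is treated
    # as not read-only so the event stays visible (assumption).
    name = event.get("eventName") or ""
    if name.startswith(READ_STYLE_PREFIXES):
        return "review"  # read-style name, but not flagged readOnly
    return "keep"


def mismatches(events) -> Counter:
    """Count (eventSource, eventName) pairs that classify as 'review'."""
    return Counter(
        (e.get("eventSource"), e.get("eventName"))
        for e in events
        if classify(e) == "review"
    )


# Constructed sample records; the first mirrors the event in the question.
SAMPLE = json.loads("""
[
  {"eventSource": "guardduty.amazonaws.com",
   "eventName": "GetRemainingFreeTrialDays", "readOnly": false},
  {"eventSource": "ec2.amazonaws.com",
   "eventName": "DescribeInstances", "readOnly": true},
  {"eventSource": "guardduty.amazonaws.com",
   "eventName": "CreateDetector", "readOnly": false},
  {"eventSource": "guardduty.amazonaws.com",
   "eventName": "GetRemainingFreeTrialDays", "readOnly": false}
]
""")

if __name__ == "__main__":
    for ev in SAMPLE:
        print(classify(ev), ev["eventSource"], ev["eventName"])
    print(dict(mismatches(SAMPLE)))
```

The `mismatches` tally gives a short list of source/name pairs to look at once and then allow-list or keep, rather than re-deciding per event.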
