Why did GuardDuty report the finding HIDDEN_DUE_TO_SECURITY_REASONS?

1 minuto de leitura
0

Amazon GuardDuty findings or AWS CloudTrail logs display the user name as "HIDDEN_DUE_TO_SECURITY_REASONS".

Resolution

Successful and failed sign-in attempts for Identity and Access Management (IAM) users and federated users to the AWS Management Console are logged in CloudTrail logs. As a security best practice, AWS doesn't log the entered IAM user name text when the sign-in failure is caused by an incorrect user name. The user name text shows a GuardDuty finding or CloudTrail log entry as "HIDDEN_DUE_TO_SECURITY_REASONS", similar to the following sign-in failure event log example.

For more information, see Logging user sign-in events.


Related information

Security best practices in IAM

CloudTrail userIdentity element

AWS OFICIAL
AWS OFICIALAtualizada há 2 anos