By using AWS re:Post, you agree to the Terms of Use
AWS re:Postre:Post

Monitoring RDS IAM Authentication in Cloudtrail

0

Hello, I woul like to get more information on how to monitor the RDS authentication request using Cloudtrail. As from the documentation, Cloudtrail events records all those activities happening in the cloud either via console of via API. When we enable IAM authentication for the database in RDS, we would be able to generate a token that can be used to access db. To generate the token, I am using aws-cli generate-db-auth-token command.

How the event in Cloudtrail will look like for such a request? Does that event includes any details about the requester?

Topics
Security, Identity, & ComplianceDatabaseManagement & Governance
Tags
AWS Identity and Access ManagementAmazon Relational Database ServiceDatabaseAWS CloudTrailMonitoring
Language
English
Shabeeb
asked 2 years ago1211 views
2 Answers
0

Hi. We had exactly the same question and the response we received from AWS support was that Cloudtrail tracks API calls but generate-db-auth-token works locally and does not make any API calls, so Cloudtrail can't track it. Apparently this capability is on the backlog of feature requests but no ETA at present.

MarkKD
answered a year ago
0

While the generation of a token (essentially pre-signing a URL) is purely client side, the verification of the token that happens inside the RDS service is not. Logging the generation of the token does not really make sense while logging the actual authentications with it does. The rdsauthproxy running in postgresql instances (or the PAM module calling it), for example could and should log (send to cloud trail?) the public part of the attributes from the token (database, host, db user and the access key).

jjpp
answered 7 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content