1 Answer
- Newest
- Most votes
- Most comments
0
You can use AWS CloudTrail to check the log of api calls to your s3 bucket to know who/what is adding objects to your bucket.
AWS CloudTrail now supports Amazon S3 Data Events. You can record all API actions on S3 Objects and receive detailed information such as the AWS account of the caller, IAM user role of the caller, time of the API call, IP address of the API, and other details.
You can check this part of the documentation to learn how to use it.
Relevant content
- asked a year ago
- AWS OFFICIALUpdated a year ago
Hello David. Thanks for your help . I will check it
I have something like this but I cannot see from where the request is coming from {"Records":[{"eventVersion":"1.08","userIdentity":{"type":"AWSService","invokedBy":"s3.amazonaws.com"},"eventTime":"2023-05-30T17:46:17Z","eventSource":"s3.amazonaws.com","eventName":"PutObject","awsRegion":"eu-west-1","sourceIPAddress":"s3.amazonaws.com","userAgent":"s3.amazonaws.com","requestParameters":{"bucketName":"aaas3","Host":"s3.eu-west-1.amazonaws.com","key":"2023-05-30-17-46-17-7F1FFFEC5E61041F"}, eventType":"AwsApiCall"
i had a firehose "demo data" running but I already delete it ... not sure if it is coming from there ?