Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

AWS SES case open from unknown email

0

Hello,

I have discovered multiple open cases for AWS SES initiated by an unauthorized alternate contact. Upon investigation, I found that no new users or alternate contacts have been added to our account. This poses a significant security issue. How is it possible for an unauthorized individual to open cases within my organization?

How can I remove or ban this unauthorized contact to prevent further incidents?

Thank you.

Topics
Front-End Web & MobileBusiness Applications
Tags
Support CaseAmazon Simple Email Service
Language
English
asked 2 years ago257 views
3 Answers
1
Accepted Answer
  • Using cloudtrail, change your region to N.Virginia.
  • Under event history, set you Lookup attributes to Event name and search for CreateCase

Here you will see whos created the Cases. See if its a role in your account/IAM user etc which should help narrow down who created them

EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago
0

CloudTrail was activated today, so there are no previous logs.

Any other info?

answered 2 years ago
EXPERT
reviewed 2 years ago
  • Gary Mclean EXPERT
    2 years ago

    Cloudtrail is on by default and contains 90 days in the GUi. "Activiating" CLoudtrail I assume is you just storing the events in S3/Cloudwatch

0

Thanks for the clarification, you are right.

Cloudtrail is on by default and contains 90 days in the GUi. "Activating" CLoudtrail I assume is you just storing the events in S3/Cloudwatch - correct.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content