CloudTrail event codeartifact.amazonaws.com : DescribePackage not readOnly

I'm working on analyzing CloudTrail events as they come in and when I was setting up a filter ( ignore events that are readOnly ) I was surpised to see the above events coming through. The event DescribePackage from the source codeartifact.amazonaws.com is not marked as a readOnly event. Does anyone know of a reason why this would be or is this an oversight on AWS's part? ( I removed some parts of the event below )

{
  "eventVersion" : "1.08",
  "userIdentity" : { },
  "eventSource" : "codeartifact.amazonaws.com",
  "eventName" : "DescribePackage",
  "awsRegion" : "us-east-1",
  "readOnly" : false,
  "eventType" : "AwsApiCall",
  "managementEvent" : true,
}

Topics

Developer Tools Management & Governance

Tags

AWS CodeArtifact AWS CloudTrail

Language

English

larryjkl

asked a year ago218 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Accepted Answer

Thanks for reporting this, we will be updating DescribePackage to be marked as readOnly in CloudTrail.

Carl Lewis

answered a year ago

larryjkl
a year ago
Great, thanks. While you are in there : ) This one seems like it could be readOnly as well, unless there's something it's doing that I'm missing ( I can open a new question if that's easier, let me know )

guardduty.amazonaws.com : GetRemainingFreeTrialDays

{ "eventVersion" : "1.08", "eventTime" : "2023-04-21T14:33:23Z", "eventSource" : "guardduty.amazonaws.com", "eventName" : "GetRemainingFreeTrialDays", "requestParameters" : { "detectorId" : "", "accountIds" : [ "", "****" ] }, "readOnly" : false, "eventType" : "AwsApiCall", "managementEvent" : true, "eventCategory" : "Management" }
Carl Lewis
a year ago
Yes I would suggest opening a new question for GetRemainingFreeTrialDays and tag it with GuardDuty.

Relevant content

Does the IAM Access Analyzer consider Data Events as well as Management Events in CloudTrail Trail logs?
Accepted Answer
rePost-User-3291816
asked 2 years ago
CloudTrail event guardduty.amazonaws.com : GetRemainingFreeTrialDays not readOnly
larryjkl
asked a year ago
Filter CloudTrail event in IAM policy
rePost-User-2063218
asked 2 years ago
KMS events are not being excluded form CloudTrail Management Events
Accepted Answer
Osain
asked 2 years ago
Why aren't Amazon S3 object-level API actions appearing in my CloudTrail Event history?
AWS OFFICIALUpdated 2 years ago
Why can't I find the user name that created an EBS volume by searching CloudTrail events logs?
AWS OFFICIALUpdated 2 years ago
What are the differences between data events and management events in CloudTrail?
AWS OFFICIALUpdated 2 years ago
How do I use CloudWatch alarms to monitor CloudTrail events?
AWS OFFICIALUpdated a month ago
Free AWS Live Virtual Event: AWS Silicon Innovation Day
EXPERT
Markus Adhiwiyogo
published 10 months ago
A step-by-step guide to cross-account and cross-region events with EventBridge
EXPERT
Antonio_Lagrotteria
published a year ago