Questions tagged with AWS CloudTrail
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Can we access and use multiple roles from a single user simultaneously(using STS assumeRole api right now)? My use case requires creation of different roles which have their specific policies...
2
answers
1
votes
5333
views
asked 2 years agolg...
When analyzing an CloudTrail event, how to know if it is a management event or data event?
Accepted AnswerAWS CloudTrail
1
answers
0
votes
777
views
asked 2 years agolg...
I want to find out how can we audit AWS events/logs to see when lucidscale (a third party application) makes a connection. I already looked into AWS CloudTrail, CloudWatch but I didn't find anything...
1
answers
1
votes
274
views
asked 2 years agolg...
Querying nested json arrays in Cloudtrail logs to find open security groups - Is there a better way?lg...
I am using Athena to query my Cloudtrail logs to find security groups that have rules that allow access to/from the internet. To achieve this, I am looking to see if any cidrIp in...
1
answers
0
votes
949
views
asked 2 years agolg...
someone is able to access lightsail instances using a non-existent username how to resolve this problem? (the username used is "admin-d" ?)
I was able to check it through cloudtrail logs.
This user...
2
answers
0
votes
490
views
asked 2 years agolg...
Hello,
I woul like to get more information on how to monitor the RDS authentication request using Cloudtrail. As from the documentation, Cloudtrail events records all those activities happening in the...
2
answers
0
votes
2293
views
asked 2 years agolg...
Hi, struggling with consolidating logs. I want to enable server access logging in S3 as well as VPC flow logging. Both need to have a logging bucket per region. That is not very scalable. Can't this...
1
answers
0
votes
847
views
asked 2 years agolg...
Hi, where can we find the IPs of the Amazon EKS service? I want to correctly identify a CloudTrail event with the name GetCallerIdentity that is made by the EKS.
[EKS...
2
answers
3
votes
3846
views
asked 2 years agolg...
Hi,
Enabling SecurityHub on my accounts. Thus asked to enable AWS Config on all accounts in all regions. Found the AWSConfig StackSet that does this automatically. Great automation, but is it...
1
answers
0
votes
325
views
asked 2 years agolg...
I want collet cloudtrail event log to provider a lifcycle event log query for any resources in any region.
I found LookupEvents API of cloudtrail is provider it(there are some limit for this api:...
1
answers
0
votes
278
views
asked 2 years agolg...
Hello,
we have configured configured Control Tower landing zone and enrolled tens of accounts in our organization.
We would like to monitor some of the actions (ConsoleLogin, SwitchRole, CreateUser,...
1
answers
0
votes
1472
views
asked 2 years agolg...
Good afternoon. My next project is moving off user IAM keys for resources and to IAM role based access (much more secure), but having some issues with keys.
On the IAM / user, under security...
1
answers
0
votes
217
views
asked 2 years agolg...