Questions tagged with AWS CloudTrail
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
I want to find out how can we audit AWS events/logs to see when lucidscale (a third party application) makes a connection. I already looked into AWS CloudTrail, CloudWatch but I didn't find anything...
1
answers
1
votes
267
views
asked 2 years agolg...
Querying nested json arrays in Cloudtrail logs to find open security groups - Is there a better way?lg...
I am using Athena to query my Cloudtrail logs to find security groups that have rules that allow access to/from the internet. To achieve this, I am looking to see if any cidrIp in...
1
answers
0
votes
916
views
asked 2 years agolg...
someone is able to access lightsail instances using a non-existent username how to resolve this problem? (the username used is "admin-d" ?)
I was able to check it through cloudtrail logs.
This user...
2
answers
0
votes
474
views
asked 2 years agolg...
Hello,
I woul like to get more information on how to monitor the RDS authentication request using Cloudtrail. As from the documentation, Cloudtrail events records all those activities happening in the...
2
answers
0
votes
2233
views
asked 2 years agolg...
Hi, struggling with consolidating logs. I want to enable server access logging in S3 as well as VPC flow logging. Both need to have a logging bucket per region. That is not very scalable. Can't this...
1
answers
0
votes
820
views
asked 2 years agolg...
Hi, where can we find the IPs of the Amazon EKS service? I want to correctly identify a CloudTrail event with the name GetCallerIdentity that is made by the EKS.
[EKS...
2
answers
3
votes
3578
views
asked 2 years agolg...
Hi,
Enabling SecurityHub on my accounts. Thus asked to enable AWS Config on all accounts in all regions. Found the AWSConfig StackSet that does this automatically. Great automation, but is it...
1
answers
0
votes
313
views
asked 2 years agolg...
I want collet cloudtrail event log to provider a lifcycle event log query for any resources in any region.
I found LookupEvents API of cloudtrail is provider it(there are some limit for this api:...
1
answers
0
votes
265
views
asked 2 years agolg...
Hello,
we have configured configured Control Tower landing zone and enrolled tens of accounts in our organization.
We would like to monitor some of the actions (ConsoleLogin, SwitchRole, CreateUser,...
1
answers
0
votes
1421
views
asked 2 years agolg...
Good afternoon. My next project is moving off user IAM keys for resources and to IAM role based access (much more secure), but having some issues with keys.
On the IAM / user, under security...
1
answers
0
votes
209
views
asked 2 years agolg...
Hi,
I am try to create a central repository in my Audit account and send all Config files to this bucket. I figure out how to do via these instructions Granting AWS Config access to the Amazon S3...
2
answers
0
votes
775
views
asked 2 years agolg...
Hello, I have an S3 bucket in a GovCloud account that is locked to everyone and everything due to its bucket policy. Normally, in a commercial account I'd be able to delete the bucket/policy with the...
2
answers
0
votes
828
views
asked 2 years agolg...