


 Resolution
-----------



Successful and failed sign-in attempts for Identity and Access Management (IAM) users and federated users to the AWS Management Console are logged in CloudTrail logs. As a security best practice, AWS doesn't log the entered IAM user name text when the sign-in failure is caused by an incorrect user name. The user name text shows a GuardDuty finding or CloudTrail log entry as "HIDDEN\_DUE\_TO\_SECURITY\_REASONS", similar to the following [sign-in failure event log example](https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html#hiddensecurity).


For more information, see [Logging user sign-in events](https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html#cloudtrail-integration_signin-users).





---




 Related information
--------------------



[Security best practices in IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html)


[CloudTrail userIdentity element](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html)







Amazon GuardDuty findings or AWS CloudTrail logs display the user name as "HIDDEN_DUE_TO_SECURITY_REASONS".

Why GuardDuty reports the finding HIDDEN_DUE_TO_SECURITY_REASONS

Why did GuardDuty report the finding HIDDEN_DUE_TO_SECURITY_REASONS?

安全性、身分識別與合規

為什麼我收到 IAM 使用者或角色的 Amazon GuardDuty 調查結果類型 UnauthorizedAccess:IAMUser/TorIPCaller 或 Recon:IAMUser/TorIPCaller 警示？

使用 IAM Identity Center 是否會影響我的 IAM 身分或聯合組態？

Why did GuardDuty report the finding HIDDEN_DUE_TO_SECURITY_REASONS?

Resolution

Related information

相關內容