How do I know who owns a specific service and how can I confirm it.

Question

I have a service I am trying to unsubscribe multiple queues from my SNS console; 
I notice they all have individual ARN's which correspond to different owners, however I cannot prod further into any of those owner's details. How can I check their ARN to make sure the right service owner's queue is the right one I am unsubscribing from.

Answer

The ARN will give you the account ID that owns the SNS topic (if cross-account). For the future, you should put in place a tagging and/or naming standard to make it easy to determine the owner. Do some detective work: Look for where the SNS topic was created. Does it belong to a CloudFormation stack? That can give clues to ownership. Look at the Topic Policy for clues. You should have CloudTrail enabled. Find the consumer of the SNS topic: Search CloudTrail logs for the API events that created, modified, or read from the SNS topic. That can give you the IAM user. If you do not have CloudTrail enabled, enable it and check in a few hours/days.

Tagging: https://docs.aws.amazon.com/sns/latest/dg/sns-tags.html

CloudTrail: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-getting-started.html

Tagging: https://docs.aws.amazon.com/sns/latest/dg/sns-tags.html

CloudTrail: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-getting-started.html

How do I know who owns a specific service and how can I confirm it.

相關內容