dimisjim

Asked: 2018-10-22 07:05:15 +0800 CST2018-10-22 07:05:15 +0800 CST 2018-10-22 07:05:15 +0800 CST

How to check which IAM performed an object modification of an s3 bucket

Is there a way to see which IAM did a modification on a aws s3 bucket object (with versioning enabled)?

I know that there is the aws s3api list-object-versions, but it only shows the owner's DisplayName and ID (owner of aws organisation), not the underlying IAM that performed the modification.

"Owner": {
    "DisplayName": "my-username",
    "ID": "7009a8971cd660687538875e7c86c5b672fe116bd438f46db45460ddcd036c32"

Thanks in advance for the help.

1 Answers

Voted

Best Answer

Alex Moore
2018-10-22T08:16:22+08:002018-10-22T08:16:22+08:00
You want to configure CloudTrail. This service monitors calls to the AWS platform and can also monitor S3 API calls, logging the user information you require.

More details here:

Logging Amazon S3 API Calls by Using AWS CloudTrail
3

How to check which IAM performed an object modification of an s3 bucket

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?