I inherited a couple of AWS environments. I have recently been doing security audits of S3 and found several policies with principals containing AWS account numbers I don't know, and nobody at my company is familiar with them either. So I basically want to do a reverse lookup of the owner of the accounts in question. I want to determine if the policies are still valid or can be deleted.
- If the bucket is to store CloudTrail logs, maybe it's using an old policy containing CloudTrail account IDs? http://docs.aws.amazon.com/awscloudtrail/latest/userguide/create-s3-bucket-policy-for-cloudtrail.html#s3-bucket-policy-for-multiple-regions – sudo Sep 21 '17 at 20:40
- Is this one of them? c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0 – Alex R May 23 '18 at 01:09
1 Answer
There is no public API for that. You can probably contact your AWS support representative to assist with that.

Jason Martin
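
An added example, not part of the original question or answer: for the audit the question describes, this sketch pulls every account ID and canonical user ID out of a bucket policy's `Principal` elements (bare IDs, ARNs, single values or lists) and reports the ones missing from a set of accounts you already know. The policy, bucket name and IDs are constructed placeholders, and the function names are hypothetical.

```python
import json
import re

# 12-digit account ID, bare or inside an IAM/STS ARN (arn:aws:iam::<id>:...).
ACCOUNT_RE = re.compile(r"^(?:arn:aws[\w-]*:(?:iam|sts)::)?(\d{12})(?::.*)?$")

def _as_list(value):
    # Policy elements may be a single value or a list of values.
    return value if isinstance(value, list) else [value]

def principals_in_policy(policy_text):
    """Return (account_ids, canonical_user_ids, has_wildcard) for one policy."""
    accounts, canonical, wildcard = set(), set(), False
    for stmt in _as_list(json.loads(policy_text).get("Statement", [])):
        principal = stmt.get("Principal")
        if principal is None:
            continue
        if principal == "*":
            wildcard = True
            continue
        for kind, values in principal.items():
            for value in _as_list(values):
                if kind == "AWS" and value == "*":
                    wildcard = True
                elif kind == "AWS" and (m := ACCOUNT_RE.match(value)):
                    accounts.add(m.group(1))
                elif kind == "CanonicalUser":
                    canonical.add(value)
    return accounts, canonical, wildcard

def unknown_accounts(policy_text, known_accounts):
    """Account IDs named in the policy that are not in the caller's known set."""
    accounts, _, _ = principals_in_policy(policy_text)
    return sorted(accounts - set(known_accounts))

# Constructed sample: documentation-style placeholder IDs, not real accounts.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*",
     "Principal": {"AWS": ["arn:aws:iam::111122223333:root", "444455556666"]}},
    {"Effect": "Allow", "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*",
     "Principal": {"Service": "cloudtrail.amazonaws.com"}},
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*",
     "Principal": {"CanonicalUser": "ab12" * 16}},
    {"Effect": "Allow", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::example-bucket",
     "Principal": "*"},
]})

if __name__ == "__main__":
    print(unknown_accounts(SAMPLE_POLICY, known_accounts={"111122223333"}))
```

Service principals are skipped on purpose, and wildcard principals are reported separately because they grant access to every account rather than to one that could be identified.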