0

I come across many S3 buckets... is there a way to tell which AWS account a given S3 bucket was created in? I can only think of iterating through each account I have access to, but I don't have keys for many accounts in our portfolio.

AXE Labs
  • I suspect making that information available publicly would be a small security risk, so I doubt there's a way to do it. You probably have to log into your account via the console or API. – Tim Oct 19 '17 at 23:07

1 Answer

1

As Tim said, this doesn't look possible due to security reasons. None of the CLI APIs look useful for this.

Ideally you should have a parent account and use the My-Organization feature to keep track of all accounts (consolidated billing is a good excuse to get all of them under a single umbrella) and also ask account owners to create a cross-account-role with read privileges. Once you have this, you can easily iterate all accounts programmatically and find the relevant info.

dy10
  • I thought that returning an account ID number would not be anything sensitive, but then someone may be able to target login hacks against a particular bucket owner. – AXE Labs Oct 23 '17 at 20:33
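
The iteration the answer describes, as an added example that is not part of the original thread: list the organization's accounts, assume a read-only role in each, and look for the bucket, while recording accounts that could not be checked so a miss is not mistaken for "no such bucket". The role name `BucketInventoryReadOnly` is hypothetical; the code assumes boto3 and credentials for the organization's management (or delegated administrator) account.

```python
"""Find which account in an AWS Organization owns a bucket (added example)."""

ROLE_NAME = "BucketInventoryReadOnly"  # hypothetical role; needs s3:ListAllMyBuckets


def find_bucket_owner(bucket, accounts, s3_for_account):
    """Return (owner account id or None, [(account id, error) that went unchecked])."""
    unchecked = []
    for acct in accounts:
        if acct.get("Status") != "ACTIVE":
            continue  # suspended or closing accounts are skipped, not counted as failures
        try:
            listing = s3_for_account(acct["Id"]).list_buckets()
        except Exception as exc:  # role missing or access denied in this account
            unchecked.append((acct["Id"], type(exc).__name__))
            continue
        if bucket in {b["Name"] for b in listing["Buckets"]}:
            return acct["Id"], unchecked
    return None, unchecked


def aws_sources(role_name=ROLE_NAME):
    """Build the real account iterator and per-account S3 client factory."""
    import boto3  # imported here so the search logic above has no AWS dependency

    sts = boto3.client("sts")

    def accounts():
        pages = boto3.client("organizations").get_paginator("list_accounts").paginate()
        for page in pages:
            yield from page["Accounts"]

    def s3_for_account(account_id):
        creds = sts.assume_role(
            RoleArn=f"arn:aws:iam::{account_id}:role/{role_name}",
            RoleSessionName="bucket-owner-lookup",
        )["Credentials"]
        return boto3.client(
            "s3",
            aws_access_key_id=creds["AccessKeyId"],
            aws_secret_access_key=creds["SecretAccessKey"],
            aws_session_token=creds["SessionToken"],
        )

    return accounts(), s3_for_account


if __name__ == "__main__":
    import sys
    print(find_bucket_owner(sys.argv[1], *aws_sources()))
```

A result of `None` with a non-empty unchecked list means the bucket may still live in one of those accounts.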