The problem statement is: how can one audit the amount of data downloaded from AWS S3 by an IAM user? As an explanatory note, in my company the billing has been exceeding for a long time due to AWS S3 data downloads, but I am unable to find out which IAM user of my company is downloading this huge amount of data.
1

John Rotenstein

Vanshika Sharma
Are you referring to costs associated with **Data Transfer**? Data Transfer is when data goes from AWS to the Internet. – John Rotenstein Feb 23 '21 at 04:59
2 Answers
0
You can audit the actions of IAM users via CloudTrail. This is a good product to have if you need to audit the activity of IAM principals in the account.

user2977636
Are you sure that CloudTrail can report on volumes of traffic resulting from a `GetObject` request? I thought that it only records the API request itself? – John Rotenstein Feb 23 '21 at 05:01
0
You can audit all S3 actions by enabling log delivery and aggregating the logs to get the desired summarized data.
On the Request log field, you can view the canonical user ID of the requester, or a `-` for unauthenticated requests. If the requester was an IAM user, this field returns the requester's IAM user name along with the AWS root account that the IAM user belongs to. This identifier is the same one used for access control purposes.

John Paulo Rodriguez
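
One way to do the aggregation this answer describes, as an added example that is not part of the original answer: it sums the Bytes Sent field per Requester for object downloads in S3 server access log lines. The sample records, account ID, bucket and user names are constructed, and the field order is assumed to follow the documented server access log format.

```python
import re
from collections import Counter

# Leading fields of an S3 server access log record, in documented order;
# fields after Object Size (timings, referrer, user agent, ...) are ignored.
RECORD = re.compile(
    r'(?P<owner>\S+) (?P<bucket>\S+) \[(?P<time>[^\]]+)\] (?P<ip>\S+) '
    r'(?P<requester>\S+) (?P<request_id>\S+) (?P<operation>\S+) (?P<key>\S+) '
    r'(?:"(?:[^"\\]|\\.)*"|-) (?P<status>\S+) (?P<error>\S+) '
    r'(?P<bytes_sent>\S+) (?P<object_size>\S+)'
)

def bytes_by_requester(lines, op_suffix=".GET.OBJECT"):
    """Return (Counter of Bytes Sent per Requester, count of unparsable lines)."""
    totals, skipped = Counter(), 0
    for line in lines:
        m = RECORD.match(line)
        if m is None:
            skipped += 1
            continue
        # Matches REST.GET.OBJECT and WEBSITE.GET.OBJECT; uploads are not egress.
        if not m["operation"].endswith(op_suffix):
            continue
        sent = m["bytes_sent"]  # "-" is logged when zero bytes were sent
        totals[m["requester"]] += int(sent) if sent.isdigit() else 0
    return totals, skipped

# Constructed sample records: account ID, bucket, users and request IDs are made up.
_HEAD = "ownerid0example example-bucket [23/Feb/2021:04:10:01 +0000] 198.51.100.7 "
_TAIL = ' 85 12 "-" "aws-cli/2.1" -'
SAMPLE = [
    _HEAD + 'arn:aws:iam::111122223333:user/alice REQ1 REST.GET.OBJECT db.tar '
            '"GET /db.tar HTTP/1.1" 200 - 1048576 1048576' + _TAIL,
    _HEAD + 'arn:aws:iam::111122223333:user/alice REQ2 REST.GET.OBJECT db.tar '
            '"GET /db.tar HTTP/1.1" 206 - 524288 1048576' + _TAIL,
    _HEAD + 'arn:aws:iam::111122223333:user/bob REQ3 REST.GET.OBJECT a.txt '
            '"GET /a.txt HTTP/1.1" 200 - 2048 2048' + _TAIL,
    _HEAD + '- REQ4 REST.GET.OBJECT a.txt "GET /a.txt HTTP/1.1" 200 - 2048 2048' + _TAIL,
    _HEAD + 'arn:aws:iam::111122223333:user/bob REQ5 REST.PUT.OBJECT b.bin '
            '"PUT /b.bin HTTP/1.1" 200 - - 4096' + _TAIL,
    "truncated line",
]

if __name__ == "__main__":
    totals, skipped = bytes_by_requester(SAMPLE)
    for requester, sent in totals.most_common():
        print(f"{sent:>12}  {requester}")
    print(f"skipped {skipped} unparsable line(s)")
```

A requester of `-` groups the unauthenticated downloads, so egress from publicly readable objects shows up as its own row rather than being attributed to a user.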