[英]How to find out who created aws cloudwatch alarm/metrics?
How do I find out what IAM user created certain metrics and alarms? 如何找出哪些IAM用户创建了特定指标和警报?
I tried CLI commands: describe-alarms
and list-metrics
and they don't seem to provide this information nor when looking at the configuration for the alarms and metrics in the AWS console. 我尝试了CLI命令:
describe-alarms
和list-metrics
,它们似乎不提供此信息,也没有在AWS控制台中查看警报和指标的配置时提供此信息。
While users call APIs to create resources in AWS, those resources are associated with the AWS Account rather than a user. 当用户调用API在AWS中创建资源时,这些资源与AWS账户而不是用户关联。 As long as a user has permission to create resources in the account, the resources will be created/viewed/deleted.
只要用户有权在帐户中创建资源,就会创建/查看/删除资源。
However, you can use AWS CloudTrail to retrieve information about the API calls themselves : 但是,您可以使用AWS CloudTrail 检索有关API调用本身的信息 :
AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account.
AWS CloudTrail是一项AWS服务,可帮助您启用AWS账户的治理,合规性以及运营和风险审计。 Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail.
用户,角色或AWS服务执行的操作在CloudTrail中记录为事件。 Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.
事件包括在AWS管理控制台,AWS命令行界面以及AWS开发工具包和API中采取的操作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.