如何找出谁在 aws ec2 中创建了密钥对?
[英]How to find out who created a Key Pair in aws ec2?
问题描述
I have full access to AWS account, see all keys that was created and used and need to know the person who owns the private keys.
我拥有对 AWS 账户的完全访问权限,可以查看所有创建和使用的密钥,并且需要知道拥有私钥的人。 But AWS UI does no provide any information about Key Pairs except ID, Name, Type, Fingerprint但 AWS UI 不提供任何关于密钥对的信息,除了 ID、名称、类型、指纹
Is it possible to identify who created a certain key pair in AWS EC2?是否可以识别谁在 AWS EC2 中创建了某个密钥对?
1 个解决方案
解决方案1
1 2022-01-13 18:43:06
If CloudTrail is setup it would have recorded the event which includes the user.如果CloudTrail 已设置,它将记录包含用户的事件。 The Following is lifted from the AWS Cloudtrail docs :以下内容摘自AWS Cloudtrail 文档:
{"Records": [{
"eventVersion": "1.0",
"userIdentity": {
"type": "IAMUser",
"principalId": "EX_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:user/Alice",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"userName": "Alice",
"sessionContext": {"attributes": {
"mfaAuthenticated": "false",
"creationDate": "2014-03-06T15:15:06Z"
}}
},
"eventTime": "2014-03-06T17:10:34Z",
"eventSource": "ec2.amazonaws.com",
"eventName": "CreateKeyPair",
"awsRegion": "us-east-2",
"sourceIPAddress": "72.21.198.64",
"userAgent": "EC2ConsoleBackend, aws-sdk-java/Linux/x.xx.fleetxen Java_HotSpot(TM)_64-Bit_Server_VM/xx",
"requestParameters": {"keyName": "mykeypair"},
"responseElements": {
"keyName": "mykeypair",
"keyFingerprint": "30:1d:46:d0:5b:ad:7e:1b:b6:70:62:8b:ff:38:b5:e9:ab:5d:b8:21",
"keyMaterial": "\u003csensitiveDataRemoved\u003e"
}
}]}
If cloudTrail was not enabled when the keypair was created i think you might be out of luck.如果在创建密钥对时未启用 cloudTrail,我认为您可能不走运。 If you have paid support you could ask the question to AWS or otherwise use the AWS forums - they may know more than me.如果您有付费支持,您可以向 AWS 提出问题或以其他方式使用 AWS 论坛——他们可能比我了解更多。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.