How can I retrieve the information on AWS calls?
I am a security engineer I am responsible for monitoring and auditing resources of AWS and other activities in my particular organization related to the environment of AWS. Now I need to determine the Identity of the AWS accounts on which AWS API calls come. How can I retrieve this information by using the AWS security token service (STS) and what details can I possibly obtain from the command of “aws sts get-caller-identity”?
In the context of AWS, here are the points given for your provided scenario:-
Retrieving AWS account Identity with “aws get caller Identity”
“aws sts get-caller-identity”This above Command would help you in retrieving the information about the AWS accounts that are making the API call, including the AWS accounts ID, IAM user or role ARN, and the IAM user or even name of the role.
Example of the output:-
{
“UserId”: “XXXXXXXXXXXXXXXXXXXX”,
“Account”: “123456789012”,
“Arn”: “arn:aws:iam::123456789012:user/exampleuser”,
“ResponseMetadata”: {
“RequestId”: “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”,
“HTTPStatusCode”: 200,
“HTTPHeaders”: {
“x-amzn-requestid”: “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”,
“content-type”: “text/xml”,
“content-length”: “396”,
“date”: “Sun, 07 Feb 2024 00:00:00 GMT”
},
“RetryAttempts”: 0
}
}By using the “aws sts get-caller-identity” Command you can obtain valuable information about the AWS accounts which are making API calls. It will further enable you to audit, and manage your AWS resources and other activities.