Hello Reader,
If you read the previous post you would know that in my testing the with the AWS EBS Direct Block API I could not find any Cloudtrail logs written. Well John Lukach has taken up the task of figuring out how to solve this by creating a role that the python script can assume that would generate the logs:
https://cloud.4n6ir.com/posts/cloud-4n6ir-fun-2-detecting-api-access-to-ebs-content/index.html
While John has created the ability to log his own accesses to the API I don't believe this will now capture any events from calling the API. So this is one step closer and a pretty neat workaround to capture events that otherwise would be missed but now what I would consider a fix.
If you read the previous post you would know that in my testing the with the AWS EBS Direct Block API I could not find any Cloudtrail logs written. Well John Lukach has taken up the task of figuring out how to solve this by creating a role that the python script can assume that would generate the logs:
https://cloud.4n6ir.com/posts/cloud-4n6ir-fun-2-detecting-api-access-to-ebs-content/index.html
While John has created the ability to log his own accesses to the API I don't believe this will now capture any events from calling the API. So this is one step closer and a pretty neat workaround to capture events that otherwise would be missed but now what I would consider a fix.
Post a Comment