What method can I use to list the IAM users or roles that are accessing private S3 buckets in a single account?
CodePudding user response:
You can activate logging on the Amazon S3 bucket.
See: Logging requests using server access logging - Amazon Simple Storage Service
The logs include a field for Requester:
The canonical user ID of the requester, or a - for unauthenticated requests. If the requester was an IAM user, this field returns the requester's IAM user name along with the AWS root account that the IAM user belongs to. This identifier is the same one used for access control purposes.
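Once server access logs are being delivered, the Requester field can be tallied per bucket to get the list of principals. The following is an added example, not part of the original answer. It assumes IAM users appear in the field as `arn:aws:iam::<account>:user/<name>` and assumed roles as `arn:aws:sts::<account>:assumed-role/<role>/<session>`; the bucket name, account ID and log lines are constructed.

```python
import re
from collections import Counter, defaultdict

# Leading fields of a server access log record: bucket owner, bucket,
# [time], remote IP, requester, request ID, operation.
LOG_RE = re.compile(
    r'^(?P<owner>\S+) (?P<bucket>\S+) \[(?P<time>[^\]]+)\] (?P<ip>\S+) '
    r'(?P<requester>\S+) (?P<request_id>\S+) (?P<operation>\S+) ')
# Assumed ARN shapes for IAM principals in the Requester field.
USER_RE = re.compile(r'^arn:aws:iam::(\d{12}):user/(.+)$')
ROLE_RE = re.compile(r'^arn:aws:sts::(\d{12}):assumed-role/([^/]+)/.+$')

def classify(requester):
    """Map a Requester value to (kind, 'account/name')."""
    if requester == "-":
        return ("unauthenticated", "-")
    m = USER_RE.match(requester)
    if m:
        return ("iam-user", f"{m.group(1)}/{m.group(2)}")
    m = ROLE_RE.match(requester)
    if m:  # collapse all sessions of a role into the role itself
        return ("iam-role", f"{m.group(1)}/{m.group(2)}")
    return ("canonical-id", requester)  # e.g. the account's canonical user ID

def requesters_by_bucket(lines):
    """Return {bucket: {(kind, name): request_count}}; skip unparseable lines."""
    seen = defaultdict(Counter)
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            seen[m["bucket"]][classify(m["requester"])] += 1
    return {bucket: dict(counts) for bucket, counts in seen.items()}

# Constructed sample records; status and trailing fields are not parsed here.
OWNER = "a" * 64  # placeholder canonical user ID
_REC = ('{owner} example-private-bucket [06/Feb/2019:00:00:38 +0000] 192.0.2.3 '
        '{who} 3E57427F3EXAMPLE REST.GET.OBJECT report.csv '
        '"GET /report.csv HTTP/1.1" 200 - 113 113 7 - "-" "aws-cli" -')
SAMPLE_LOG = [_REC.format(owner=OWNER, who=w) for w in (
    "arn:aws:iam::111122223333:user/alice",
    "arn:aws:sts::111122223333:assumed-role/etl-role/session-1",
    "arn:aws:sts::111122223333:assumed-role/etl-role/session-2",
    "-", OWNER)] + ["not an access log record"]

if __name__ == "__main__":
    for bucket, counts in requesters_by_bucket(SAMPLE_LOG).items():
        for (kind, name), n in sorted(counts.items()):
            print(f"{bucket}\t{kind}\t{name}\t{n}")
```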