Home > Net >  AWS: how to see the services a particular user account has been using
AWS: how to see the services a particular user account has been using

Time:02-01

I'm the administrator of an AWS account that has 4 users. One of the users is racking up higher-than-expected costs.

I checked the Cost Explorer, but could not seem to configure it to view individual users.

As an administrator in AWS, how do I see all of the services this particular user has been using during a given period of time (e.g. the last 12 months)?

Thanks!

CodePudding user response:

AWS resources are associated with an AWS Account, not a specific user.

If a user has the necessary permissions to create resources (eg an Amazon EC2 instance), then the instance is launched in the AWS Account, but there is no link back to the user that requested the resource.

You can, however, use AWS CloudTrail:

AWS CloudTrail is an AWS service that helps you enable operational and risk auditing, governance, and compliance of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.

It will show all API calls made by the user, including the Action ('launch an EC2 instance'), their IP address, timestamp, etc. Operations in the AWS management console will also be shown, since it makes API calls on behalf of the user.

CloudTrail keeps a history of the past 90 days, but you can create specific 'Trails' that retain data permanently. If you have not done this, then it will not be possible to see what they did prior to 90 days ago.

  • Related