-
Notifications
You must be signed in to change notification settings - Fork 111
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cloudtrail_supported_actions contains actions that are not actually logged to cloudtrail #62
Comments
It definitely could be improved, as right now there hasn't been a process. :) All I had done previously was list all the actions from botocore and then manually look through the docs to remove actions that were mentioned as not used. :( In theory, the concept behind Will Bengston's trailblazer project could be used: https://github.com/willbengtson/trailblazer-aws |
Perhaps the best way forward is for some folks with active AWS environments to provide a list of known APIs that are logged, by collecting that data from their own CloudTrail logs. Just providing a list of action names is all that is needed. Then for anything not in that list, we'd just assume it is not documented unless we hear otherwise from someone. |
At least, sqs:ReceiveMessage (and various other sqs APIs) do not actually appear in cloudtrail. The only sqs related ones I actually see in cloudtrail across several accounts over the past 30 days are
sqs:CreateQueue
,sqs:DeleteQueue
,sqs:PurgeQueue
, andsqs:SetQueueAttributes
.I imagine there are others that are incorrectly present in this list.
I know that this list was updated ~3 months ago. Maybe the procedure for generating/verifying that list's accuracy could be improved or revisited?
The text was updated successfully, but these errors were encountered: