如何找出谁创建了 aws cloudwatch alarm/metrics?

How to find out who created aws cloudwatch alarm/metrics?

如何找出哪些 IAM 用户创建了某些指标和警报?

我尝试了 CLI 命令:describe-alarmslist-metrics,但它们似乎没有提供此信息,在 AWS 控制台中查看警报和指标的配置时也没有提供。

虽然用户调用 APIs 在 AWS 中创建资源,但这些资源与 AWS 账户而非用户相关联。只要用户在账户中有创建资源的权限,资源就会created/viewed/deleted.

但是,您可以使用 AWS CloudTrail 检索有关 API 调用本身的信息:

AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.