如何找到创建CloudFormation堆栈的人?
我正在使用boto3列出状态为COMPLETE的堆栈以及创建堆栈的用户。我可以获得堆栈的所有属性,但我无法在CloudFormation仪表板或boto3 CF API中找到用户信息。知道如何获取创建堆栈的用户的IAM用户名吗?
由于
我的代码片段:
import boto3
cf = boto3.client('cloudformation', region_name='us-east-1')
stacks = cf.list_stacks(StackStatusFilter=['CREATE_COMPLETE'])['StackSummaries']
names = [stack['StackName'] for stack in stacks]
for name in names:
resources = cf.describe_stack_resources(StackName=name)['StackResources']
...
...
答案 0 :(得分:3)
您可以通过CloudTrail获取此信息。特别是,在CloudTrail客户端上调用lookup_events():
events = cloudtrail_client.lookup_events(LookupAttributes=[{'AttributeKey':'EventName', 'AttributeValue':'CreateStack'}])
for event in events['Events']:
event_detail = json.loads(event['CloudTrailEvent'])
if event_detail['requestParameters']['stackName'] == myStackName:
creator = event['Username']
答案 1 :(得分:0)
将Cloud Trail服务api调用lookup_events()与AttributeKey'EventName',AttributeValue:'CreateStack'