How can I get information about all my IAM users when they log in?


I wanted to know which IAM user is logged in. I want to get notified when they log in with their IAM user!!

Asked 7 months ago · 237 views
2 Answers

You can use EventBridge to monitor CloudTrail API calls and send a message to an SNS topic. There's a similar example here, but specifically looking at AttachUserPolicy events. Replace this with ConsoleLogin.

I believe this should work for you.

Answered 7 months ago
AWS
Reviewed 7 months ago
  • I already set ConsoleLogin in EventBridge using CloudTrail, but I received only 1 email from one IAM account and did not get other users' login information or notification (SNS). And after 1 email it did not send any email.

  • Do you mean 1 x IAM user? This should trigger every time an IAM user logs into the console. Remember users stay logged in up to 12 hours unless they log out and in again.


AWS makes requests based on API calls.

When accessing programmatically, including CLI, credentials are saved on the local PC and requests are made according to the permissions given to the credentials. Therefore, there is no login during this process.

However, if SSO is linked through Identity Center, SSO Login can be triggered from CLI. By analyzing Identity Center records in CloudTrail, you can see who has access to SSO. For detailed API call names, please check the official documentation [1].

In the management console, users log in with a password. This is not an API call, but it is recorded in CloudTrail. For example, in CloudTrail, if you collect records with an "eventSource" of "", you can determine which users are logged in. Please check the official documentation [2] for specific records.



AWS
Answered 6 months ago
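The ConsoleLogin rule both answers describe, as an added example that is not part of either answer: an EventBridge event pattern for console sign-ins, a small local matcher to test it, and the notification text built from the CloudTrail record. The sample events are constructed, and `matches`, `login_message` and `make_event` are hypothetical helper names.

```python
# Event pattern for the EventBridge rule: console sign-ins recorded by CloudTrail.
CONSOLE_LOGIN_PATTERN = {
    "source": ["aws.signin"],
    "detail-type": ["AWS Console Sign In via CloudTrail"],
    "detail": {"eventName": ["ConsoleLogin"]},
}

def matches(pattern, event):
    """Subset of EventBridge matching: nested keys, a list means any-of exact values."""
    for key, want in pattern.items():
        have = event.get(key)
        if isinstance(want, dict):
            if not isinstance(have, dict) or not matches(want, have):
                return False
        elif have not in want:
            return False
    return True

def login_message(event):
    """Build the SNS message text for one matched event, or None if it does not match."""
    if not matches(CONSOLE_LOGIN_PATTERN, event):
        return None
    d = event["detail"]
    ident = d.get("userIdentity", {})
    who = ident.get("userName") or ident.get("arn", "unknown")
    result = (d.get("responseElements") or {}).get("ConsoleLogin", "unknown")
    mfa = (d.get("additionalEventData") or {}).get("MFAUsed", "unknown")
    return (f"{d.get('eventTime')} {ident.get('type')} {who} account={ident.get('accountId')} "
            f"region={d.get('awsRegion')} ip={d.get('sourceIPAddress')} result={result} mfa={mfa}")

def make_event(name, user, result, region="us-east-1"):
    """Constructed sample event in the shape EventBridge delivers (not real data)."""
    return {
        "source": "aws.signin" if name == "ConsoleLogin" else "aws.iam",
        "detail-type": ("AWS Console Sign In via CloudTrail" if name == "ConsoleLogin"
                        else "AWS API Call via CloudTrail"),
        "detail": {
            "eventName": name, "eventTime": "2024-01-01T09:00:00Z", "awsRegion": region,
            "sourceIPAddress": "203.0.113.10", "additionalEventData": {"MFAUsed": "No"},
            "userIdentity": {"type": "IAMUser", "userName": user, "accountId": "111122223333"},
            "responseElements": {"ConsoleLogin": result} if result else None,
        },
    }

if __name__ == "__main__":
    for ev in (make_event("ConsoleLogin", "alice", "Success"),
               make_event("AttachUserPolicy", "carol", None)):
        print(login_message(ev))
```

EventBridge rules are regional, so a rule only sees the sign-in events delivered in the Region where it is created; the `region=` field in the message shows where each sign-in was recorded.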
