218007301253_CloudTrail_us-east-1_20230710T1230Z_9dKPuRzdLzqZRjqm.json
{"Records":[{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5AU2ZV3IE","arn":"arn:aws:iam::123837392027:user/bert-jan","accountId":"123837392027","accessKeyId":"AKIATFQR7NSC8Q4X20BJ","userName":"bert-jan"},"eventTime":"2023-07-10T12:23:04Z","eventSource":"sts.amazonaws.com","eventName":"GetCallerIdentity","awsRegion":"us-east-1","sourceIPAddress":"192.168.10.20","userAgent":"APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/dev (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.44.20 (go1.17.6; linux; amd64) stratus-red-team_01190e38-873e-4cc4-aede-7ceb7ffc2a4a HashiCorp-terraform-exec/0.17.3","requestParameters":null,"responseElements":null,"requestID":"f7943aad-c6b8-4472-8c81-36d3a70bd744","eventID":"3a62c135-cdcb-42cc-a816-ef10800485fb","readOnly":true,"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","tlsDetails":{"tlsVersion":"TLSv1.2","cipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","clientProvidedHostHeader":"sts.amazonaws.com"}},{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5AU2ZV3IE","arn":"arn:aws:iam::123837392027:user/bert-jan","accountId":"123837392027","accessKeyId":"AKIATFQR7NSC8Q4X20BJ","userName":"bert-jan"},"eventTime":"2023-07-10T12:25:26Z","eventSource":"s3.amazonaws.com","eventName":"GetBucketAcl","awsRegion":"us-east-1","sourceIPAddress":"192.168.10.20","userAgent":"[APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.76.1 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.44.157 (go1.19.3; linux; amd64) stratus-red-team_1222242e-efe2-4641-a881-346fa54f41e1 
HashiCorp-terraform-exec/0.17.3]","requestParameters":{"bucketName":"stratus-red-team-backdoor-f-bucket-ufamgrrnmw","Host":"stratus-red-team-backdoor-f-bucket-ufamgrrnmw.s3.amazonaws.com","acl":""},"responseElements":null,"additionalEventData":{"SignatureVersion":"SigV4","CipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","bytesTransferredIn":0,"AuthenticationMethod":"AuthHeader","x-amz-id-2":"KmHHse4Cgo4MumZRr2xGGPDv03sRjwdt9TJqdUk6MHTT/T+MXfUoC1KWPRcBDlRFu6lhvt7oJjc=","bytesTransferredOut":552},"requestID":"H232HRCDQ6DNW895","eventID":"59436f7e-10ae-4668-8dda-eefbac04dcb8","readOnly":true,"resources":[{"accountId":"123837392027","type":"AWS::S3::Bucket","ARN":"arn:aws:s3:::stratus-red-team-backdoor-f-bucket-ufamgrrnmw"}],"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","tlsDetails":{"tlsVersion":"TLSv1.2","cipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","clientProvidedHostHeader":"stratus-red-team-backdoor-f-bucket-ufamgrrnmw.s3.amazonaws.com"}}]}