
Important changes to CloudTrail events for AWS IAM Identity Center

  • AWS IAM Identity Center is making changes to simplify user identification in CloudTrail events, enhancing correlation between IAM Identity Center users and external directory services, such as Okta Universal Directory or Microsoft Active Directory.
  • From January 13, 2025, IAM Identity Center will stop emitting userName and principalId fields under the user identity element in CloudTrail events.
  • IAM Identity Center will emit user ID and Identity Store ARN fields to replace the userName and principalId fields, enhancing user identification and action tracking in CloudTrail.
  • IAM Identity Center CloudTrail events will also specify IdentityCenterUser as the identity type instead of Unknown, providing a clear identifier for users.
  • The group's displayName value will be excluded from the requestParameters and responseElements elements of CreateGroup and UpdateGroup CloudTrail events.
  • In the administrative CloudTrail events for CreateGroup and UpdateGroup, IAM Identity Center will replace the displayName value with the fixed text HIDDEN_DUE_TO_SECURITY_REASONS, so that the group displayName is visible only to workflows authorized to read group attributes from the Identity Store.
  • IAM Identity Center will add the userId and identityStoreArn fields so that workflows can associate users with external directories and link CloudTrail events to a specific user.
  • The changes take effect on January 13, 2025; customers are advised to update any workflows that process the userName, principalId, userIdentity type, or group displayName fields in CloudTrail events for IAM Identity Center.
  • Workflows that need the group displayName can retrieve it with the Identity Store DescribeGroup API operation.
  • The article includes a sample CloudTrail event showing the updated user identity element and lists the specific CloudTrail events and API operations affected by the changes.
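An added example, not code from the article or from AWS, of a log-processing workflow that handles both the old and the new userIdentity shapes and recognises the redacted group displayName. It assumes the userId and identityStoreArn fields sit under an onBehalfOf object (the code also accepts them directly under userIdentity) and that the DescribeGroup call is wrapped by a caller-supplied function; the sample events are constructed, not real captures.

```python
HIDDEN_MARKER = "HIDDEN_DUE_TO_SECURITY_REASONS"  # fixed value from the announcement

# Constructed sample events, not real CloudTrail captures. The nesting of
# userId/identityStoreArn under "onBehalfOf" is an assumption; the code also
# accepts them directly under userIdentity.
LEGACY_EVENT = {
    "eventName": "UpdateGroup",
    "userIdentity": {"type": "Unknown", "userName": "alice",
                     "principalId": "EXAMPLE-PRINCIPAL"},
    "requestParameters": {"groupId": "g-1111", "displayName": "Admins"},
}
NEW_EVENT = {
    "eventName": "UpdateGroup",
    "userIdentity": {
        "type": "IdentityCenterUser",
        "onBehalfOf": {"userId": "u-2222",
                       "identityStoreArn": "arn:aws:identitystore::111122223333:identitystore/d-EXAMPLE"},
    },
    "requestParameters": {"groupId": "g-1111", "displayName": HIDDEN_MARKER},
}

def actor_key(event):
    """Stable actor reference for both the pre- and post-change userIdentity shapes."""
    ui = event.get("userIdentity") or {}
    src = ui.get("onBehalfOf") or ui
    if ui.get("type") == "IdentityCenterUser" or "userId" in src:
        return {"schema": "new", "userId": src["userId"],
                "identityStoreArn": src["identityStoreArn"]}
    if "userName" in ui or "principalId" in ui:
        return {"schema": "legacy", "userName": ui.get("userName"),
                "principalId": ui.get("principalId")}
    return {"schema": "unknown"}

def group_name_redacted(event):
    """True for CreateGroup/UpdateGroup events whose displayName is hidden or absent."""
    if event.get("eventName") not in ("CreateGroup", "UpdateGroup"):
        return False
    names = [(event.get(s) or {}).get("displayName")
             for s in ("requestParameters", "responseElements")]
    names = [n for n in names if n is not None]
    return not names or HIDDEN_MARKER in names

def resolve_group_name(event, describe_group):
    """Fill in the display name via an injected DescribeGroup-style callable.
    describe_group(identity_store_id, group_id) returns the DisplayName; in
    production it would wrap boto3's identitystore describe_group call."""
    if not group_name_redacted(event):
        return (event.get("requestParameters") or {}).get("displayName")
    store_id = actor_key(event)["identityStoreArn"].rsplit("/", 1)[-1]
    return describe_group(store_id, event["requestParameters"]["groupId"])
```

Keying detections on the returned userId and identityStoreArn rather than on userName keeps correlation stable across the cutover, and only events flagged by group_name_redacted need the extra DescribeGroup lookup.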
