How to find S3 bucket created user?

Question

I am using a different AWS user "B" to create an S3 bucket which is different from AWS account owner "A". But when I create an S3 bucket using user "B", I always see my S3 bucket owner as "A". How can I fetch details about the user who actually created the bucket ?

I have tried following S3 APIs, but I get the owner name as "A", not the actual user "B" who created the bucket:

a. getS3AccountOwner

b. getOwner method in Bucket object returned by listBuckets API

c. getBucketAcl API

Thank You In Advance.

Answer 1

Resources in AWS do not typically belong to a User. Rather, users have permissions that allow them to make API calls against the Account, and resources are owned by the Account.

If you particularly wish to track additional information against a bucket, you could add a Tag against the bucket to track this sort of information. However, this will not happen automatically -- you would be responsible for populating the Tag.

As @BMW pointed out, if your goal is merely to have some form of audit trail to determine who created a particular resource, then you should activate Amazon CloudTrail (which is always recommended as a best practice). It collects information about every API call including the user, IP adderess, timestamp and parameters passed.