-
Notifications
You must be signed in to change notification settings - Fork 5
/
218007301253_CloudTrail_us-east-1_20230710T1225Z_RL8g7SsRoNFvvVBW.json
1 lines (1 loc) · 5.74 KB
/
218007301253_CloudTrail_us-east-1_20230710T1225Z_RL8g7SsRoNFvvVBW.json
1
{"Records":[{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5AU2ZV3IE","arn":"arn:aws:iam::123837392027:user/bert-jan","accountId":"123837392027","accessKeyId":"AKIATFQR7NSC8Q4X20BJ","userName":"bert-jan"},"eventTime":"2023-07-10T12:16:29Z","eventSource":"rds.amazonaws.com","eventName":"DescribeDBInstances","awsRegion":"us-east-1","sourceIPAddress":"192.168.10.20","userAgent":"APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.76.1 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.44.157 (go1.19.3; linux; amd64) stratus-red-team_06a62bf9-ef89-43a1-a17b-5234dcbf4cb4 HashiCorp-terraform-exec/0.17.3","requestParameters":{"dBInstanceIdentifier":"terraform-20230710121504061500000001"},"responseElements":null,"requestID":"66e4ef84-0c40-4eb6-ac1b-4ffa653caa1e","eventID":"d8dd4a1e-62fd-4029-bbba-a0fe838ba0c7","readOnly":true,"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","tlsDetails":{"tlsVersion":"TLSv1.2","cipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","clientProvidedHostHeader":"rds.us-east-1.amazonaws.com"}},{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5AU2ZV3IE","arn":"arn:aws:iam::123837392027:user/bert-jan","accountId":"123837392027","accessKeyId":"AKIATFQR7NSC8Q4X20BJ","userName":"bert-jan"},"eventTime":"2023-07-10T12:17:32Z","eventSource":"rds.amazonaws.com","eventName":"DescribeDBInstances","awsRegion":"us-east-1","sourceIPAddress":"192.168.10.20","userAgent":"APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.76.1 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.44.157 (go1.19.3; linux; amd64) stratus-red-team_06a62bf9-ef89-43a1-a17b-5234dcbf4cb4 HashiCorp-terraform-exec/0.17.3","requestParameters":{"dBInstanceIdentifier":"terraform-20230710121504061500000001"},"responseElements":null,"requestID":"7f6eb082-a253-458a-b273-bdef1a00077d","eventID":"084a0d08-2e94-4777-9042-48df97531113","readOnly":true,"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","tlsDetails":{"tlsVersion":"TLSv1.2","cipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","clientProvidedHostHeader":"rds.us-east-1.amazonaws.com"}},{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5AU2ZV3IE","arn":"arn:aws:iam::123837392027:user/bert-jan","accountId":"123837392027","accessKeyId":"AKIATFQR7NSC8Q4X20BJ","userName":"bert-jan"},"eventTime":"2023-07-10T12:19:27Z","eventSource":"rds.amazonaws.com","eventName":"DescribeDBInstances","awsRegion":"us-east-1","sourceIPAddress":"192.168.10.20","userAgent":"APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.76.1 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.44.157 (go1.19.3; linux; amd64) stratus-red-team_06a62bf9-ef89-43a1-a17b-5234dcbf4cb4 HashiCorp-terraform-exec/0.17.3","requestParameters":{"dBInstanceIdentifier":"terraform-20230710121504061500000001"},"responseElements":null,"requestID":"548c34c8-1f82-4e7e-91ca-eefe82cdb9b3","eventID":"4f5bcccd-e830-4f81-92c9-12223f60538d","readOnly":true,"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","tlsDetails":{"tlsVersion":"TLSv1.2","cipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","clientProvidedHostHeader":"rds.us-east-1.amazonaws.com"}},{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5AU2ZV3IE","arn":"arn:aws:iam::123837392027:user/bert-jan","accountId":"123837392027","accessKeyId":"AKIATFQR7NSC8Q4X20BJ","userName":"bert-jan"},"eventTime":"2023-07-10T12:20:30Z","eventSource":"rds.amazonaws.com","eventName":"DescribeDBSnapshots","awsRegion":"us-east-1","sourceIPAddress":"192.168.10.20","userAgent":"APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.76.1 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.44.157 (go1.19.3; linux; amd64) stratus-red-team_06a62bf9-ef89-43a1-a17b-5234dcbf4cb4 HashiCorp-terraform-exec/0.17.3","requestParameters":{"dBSnapshotIdentifier":"exfiltration","includeShared":false,"includePublic":false},"responseElements":null,"requestID":"ea4a5cb9-d853-46d1-ac4d-156982c2728f","eventID":"52a2921f-683b-4c64-91d6-a62edb999543","readOnly":true,"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","tlsDetails":{"tlsVersion":"TLSv1.2","cipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","clientProvidedHostHeader":"rds.us-east-1.amazonaws.com"}},{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5AU2ZV3IE","arn":"arn:aws:iam::123837392027:user/bert-jan","accountId":"123837392027","accessKeyId":"AKIATFQR7NSC8Q4X20BJ","userName":"bert-jan"},"eventTime":"2023-07-10T12:21:02Z","eventSource":"rds.amazonaws.com","eventName":"DescribeDBSnapshots","awsRegion":"us-east-1","sourceIPAddress":"192.168.10.20","userAgent":"APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.76.1 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.44.157 (go1.19.3; linux; amd64) stratus-red-team_06a62bf9-ef89-43a1-a17b-5234dcbf4cb4 HashiCorp-terraform-exec/0.17.3","requestParameters":{"includePublic":false,"dBSnapshotIdentifier":"exfiltration","includeShared":false},"responseElements":null,"requestID":"a6919b1e-167a-433f-b27a-3c2527362d72","eventID":"0670b8d5-8a8f-466d-82f0-bbeaae7d68f9","readOnly":true,"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","tlsDetails":{"tlsVersion":"TLSv1.2","cipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","clientProvidedHostHeader":"rds.us-east-1.amazonaws.com"}}]}