Stack Overflow Asked by Zanam on January 19, 2021
How can I find out the email address I used to create an EC2/lightsail instance through SSH?
Firstly their may not always be an email as others has said. As to call AWS APIs you need to be able to assume a role which has the ability to call ec2:RunInstances. If for example you granted this role to an Lambda function, that Lambda could indeed create a new ec2 instance, but it's not like it has an email.
Using Tags
What you want to see is who called ec2:RunInstances for that ec2 instance. If you have enabled Cost Allocation tags you could use the aws:createdBy tag, as described here. To access the tags in the instance, you first need the id, and then query for the tags:
instance_id=$(curl -s http://169.254.169.254/latest/meta-data/instance-id)
aws ec2 describe-tags
--filters "Name=resource-id,Values=$instance_id" 'Name=key,Values=aws:createdBy'
--query 'Tags[].Value' --output text
CloudTrail
If you weren't in the instance, you could search for events of name RunInstances and find where responseElements.instanceSet.items[].instanceId == 'YOUR INSTANCE ID'. This can be done in AWS Config I as well I believe, if you have enabled it for your instance from created at date.
Answered by Derrops on January 19, 2021
Not sure if we can get email id, but we would be definitely able to get the accountid using the below command on the EC2 instance. AWS might not be allowing to get the email address fo the sake of security.
curl -s http://169.254.169.254/latest/dynamic/instance-identity/document | grep -i accountid
Answered by Praveen Sripati on January 19, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP