| action |
string |
created |
| app |
string |
|
| command |
string |
DescribeDBSnapshots |
| desc |
string |
null |
| field |
string |
|
| product |
string |
CloudTrail |
| status |
string |
success |
| user |
string |
AWSReservedSSO_AdministratorAccess_3f08c07f980fa64d |
| SigmaEventCode |
string |
N/A |
| additionalEventData.ARN |
string |
|
| additionalEventData.AuthenticationMethod |
string |
AuthHeader |
| additionalEventData.CipherSuite |
string |
ECDHE-RSA-AES128-GCM-SHA256 |
| additionalEventData.LoginTo |
string |
|
| additionalEventData.MFAUsed |
string |
|
| additionalEventData.MobileVersion |
string |
|
| additionalEventData.Name |
string |
|
| additionalEventData.SSEApplied |
string |
SSE_S3 |
| additionalEventData.SignatureVersion |
string |
SigV4 |
| additionalEventData.bytesTransferredIn |
integer |
0 |
| additionalEventData.bytesTransferredOut |
integer |
0.0 |
| additionalEventData.functionVersion |
string |
|
| additionalEventData.x-amz-id-2 |
string |
0y2rMlC5Q88nT6O5gHR0hhIWPasO3JfFY7waFmPUP8Grx+glyrF09G5y2H65OymKszvP9lpn+WM= |
| apiVersion |
string |
|
| authentication_method |
string |
|
| awsRegion |
string |
us-west-1 |
| aws_account_id |
integer |
025042951592 |
| change_type |
string |
storage |
| dest |
string |
ec2.amazonaws.com |
| dest_ip_range |
string |
|
| dest_port_range |
string |
|
| direction |
string |
|
| dvc |
string |
s3.amazonaws.com |
| errorCode |
string |
success |
| errorMessage |
string |
Must specify userName when calling with non-User credentials |
| eventCategory |
string |
Management |
| eventID |
string |
002dcd02-9556-4b7d-8ca8-9a02109d6d72 |
| eventName |
string |
DescribeDBSnapshots |
| eventSource |
string |
s3.amazonaws.com |
| eventTime |
string |
2022-06-13T18:27:43Z |
| eventVersion |
integer |
1.08 |
| extracted_eventType |
string |
AwsApiCall |
| image_id |
string |
|
| instance_type |
string |
|
| linecount |
string |
|
| managementEvent |
string |
true |
| msg |
string |
success |
| object |
string |
stratus-red-team-lambda-function-code-rfuyylntethctvoz |
| object_attrs |
string |
user |
| object_category |
string |
unknown |
| object_id |
string |
stratus-red-team-lambda-function-code-rfuyylntethctvoz |
| protocol |
string |
|
| protocol_code |
string |
|
| punct |
string |
|
| readOnly |
string |
true |
| reason |
string |
Must specify userName when calling with non-User credentials |
| recipientAccountId |
integer |
025042951592 |
| region |
string |
us-west-1 |
| requestID |
string |
046a75fd-b4d0-4898-9277-c28681265b8d |
| requestParameters |
string |
null |
| requestParameters.AccessControlPolicy.AccessControlList.Grant.Grantee.ID |
string |
|
| requestParameters.AccessControlPolicy.AccessControlList.Grant.Grantee.xmlns:xsi |
string |
|
| requestParameters.AccessControlPolicy.AccessControlList.Grant.Grantee.xsi:type |
string |
|
| requestParameters.AccessControlPolicy.AccessControlList.Grant.Permission |
string |
|
| requestParameters.AccessControlPolicy.AccessControlList.Grant{}.Grantee.ID |
string |
|
| requestParameters.AccessControlPolicy.AccessControlList.Grant{}.Grantee.URI |
string |
|
| requestParameters.AccessControlPolicy.AccessControlList.Grant{}.Grantee.xmlns:xsi |
string |
|
| requestParameters.AccessControlPolicy.AccessControlList.Grant{}.Grantee.xsi:type |
string |
|
| requestParameters.AccessControlPolicy.AccessControlList.Grant{}.Permission |
string |
|
| requestParameters.AccessControlPolicy.Owner.ID |
string |
|
| requestParameters.AccessControlPolicy.xmlns |
string |
|
| requestParameters.CreateBucketConfiguration.LocationConstraint |
string |
us-west-1 |
| requestParameters.CreateBucketConfiguration.xmlns |
string |
http://s3.amazonaws.com/doc/2006-03-01/ |
| requestParameters.CreateFlowLogsRequest.DeliverLogsPermissionArn |
string |
|
| requestParameters.CreateFlowLogsRequest.LogDestination |
string |
|
| requestParameters.CreateFlowLogsRequest.LogDestinationType |
string |
|
| requestParameters.CreateFlowLogsRequest.MaxAggregationInterval |
string |
|
| requestParameters.CreateFlowLogsRequest.ResourceId.content |
string |
|
| requestParameters.CreateFlowLogsRequest.ResourceId.tag |
string |
|
| requestParameters.CreateFlowLogsRequest.ResourceType |
string |
|
| requestParameters.CreateFlowLogsRequest.TagSpecification.ResourceType |
string |
|
| requestParameters.CreateFlowLogsRequest.TagSpecification.Tag.Key |
string |
|
| requestParameters.CreateFlowLogsRequest.TagSpecification.Tag.Value |
string |
|
| requestParameters.CreateFlowLogsRequest.TagSpecification.Tag.tag |
string |
|
| requestParameters.CreateFlowLogsRequest.TagSpecification.tag |
string |
|
| requestParameters.CreateFlowLogsRequest.TrafficType |
string |
|
| requestParameters.CreateNatGatewayRequest.AllocationId |
string |
|
| requestParameters.CreateNatGatewayRequest.ClientToken |
string |
|
| requestParameters.CreateNatGatewayRequest.SubnetId |
string |
|
| requestParameters.CreateNatGatewayRequest.TagSpecification.ResourceType |
string |
|
| requestParameters.CreateNatGatewayRequest.TagSpecification.Tag.Key |
string |
|
| requestParameters.CreateNatGatewayRequest.TagSpecification.Tag.Value |
string |
|
| requestParameters.CreateNatGatewayRequest.TagSpecification.Tag.tag |
string |
|
| requestParameters.CreateNatGatewayRequest.TagSpecification.tag |
string |
|
| requestParameters.DeleteFlowLogsRequest.FlowLogId.content |
string |
|
| requestParameters.DeleteFlowLogsRequest.FlowLogId.tag |
string |
|
| requestParameters.DescribeEgressOnlyInternetGatewaysRequest |
string |
|
| requestParameters.DescribeEgressOnlyInternetGatewaysRequest.MaxResults |
string |
|
| requestParameters.DescribeFlowLogsRequest |
string |
|
| requestParameters.DescribeFlowLogsRequest.FlowLogId.content |
string |
|
| requestParameters.DescribeFlowLogsRequest.FlowLogId.tag |
string |
|
| requestParameters.DescribeInstanceCreditSpecificationsRequest.InstanceId.content |
string |
|
| requestParameters.DescribeInstanceCreditSpecificationsRequest.InstanceId.tag |
string |
|
| requestParameters.DescribeInstanceTypesRequest.MaxResults |
string |
|
| requestParameters.DescribeInstanceTypesRequest.NextToken |
string |
|
| requestParameters.DescribeLaunchTemplateVersionsRequest.LaunchTemplateId |
string |
|
| requestParameters.DescribeLaunchTemplateVersionsRequest.LaunchTemplateVersion.content |
string |
|
| requestParameters.DescribeLaunchTemplateVersionsRequest.LaunchTemplateVersion.tag |
string |
|
| requestParameters.DescribeLaunchTemplatesRequest |
string |
|
| requestParameters.DescribeNatGatewaysRequest.Filter.Name |
string |
|
| requestParameters.DescribeNatGatewaysRequest.Filter.Value.content |
string |
|
| requestParameters.DescribeNatGatewaysRequest.Filter.Value.tag |
string |
|
| requestParameters.DescribeNatGatewaysRequest.Filter.tag |
string |
|
| requestParameters.DescribeNatGatewaysRequest.MaxResults |
string |
|
| requestParameters.DescribeNatGatewaysRequest.NatGatewayId.content |
string |
|
| requestParameters.DescribeNatGatewaysRequest.NatGatewayId.tag |
string |
|
| requestParameters.DescribeVpcClassicLinkDnsSupportRequest.VpcIds.content |
string |
|
| requestParameters.DescribeVpcClassicLinkDnsSupportRequest.VpcIds.tag |
string |
|
| requestParameters.DescribeVpcEndpointServiceConfigurationsRequest.MaxResults |
string |
|
| requestParameters.DescribeVpcEndpointServicesRequest |
string |
|
| requestParameters.DescribeVpcEndpointsRequest |
string |
|
| requestParameters.DescribeVpcEndpointsRequest.MaxResults |
string |
|
| requestParameters.Filter.Not.Or{}.Dimensions.Key |
string |
|
| requestParameters.Filter.Not.Or{}.Dimensions.Values{} |
string |
|
| requestParameters.GetEbsEncryptionByDefaultRequest |
string |
|
| requestParameters.Granularity |
string |
|
| requestParameters.GroupBy{}.Key |
string |
|
| requestParameters.GroupBy{}.Type |
string |
|
| requestParameters.Host |
string |
stratus-red-team-lambda-function-code-rfuyylntethctvoz.s3.us-west-1.amazonaws.com |
| requestParameters.Metric |
string |
|
| requestParameters.Metrics{} |
string |
|
| requestParameters.Tagging.TagSet.Tag.Key |
string |
StratusRedTeam |
| requestParameters.Tagging.TagSet.Tag.Value |
string |
true |
| requestParameters.Tagging.xmlns |
string |
http://s3.amazonaws.com/doc/2006-03-01/ |
| requestParameters.TimePeriod.End |
string |
|
| requestParameters.TimePeriod.Start |
string |
|
| requestParameters.X-Amz-Algorithm |
string |
|
| requestParameters.X-Amz-Date |
string |
|
| requestParameters.X-Amz-Expires |
string |
|
| requestParameters.X-Amz-SignedHeaders |
string |
|
| requestParameters.accelerate |
string |
|
| requestParameters.accessControlList.x-amz-grant-full-control |
string |
|
| requestParameters.accessControlList.x-amz-grant-read |
string |
|
| requestParameters.accessControlList.x-amz-grant-read-acp |
string |
|
| requestParameters.accessControlList.x-amz-grant-write |
string |
|
| requestParameters.accessControlList.x-amz-grant-write-acp |
string |
|
| requestParameters.accessKeyId |
string |
|
| requestParameters.accountAttributeNameSet.items{}.attributeName |
string |
|
| requestParameters.acl |
string |
|
| requestParameters.aclProtocol |
string |
|
| requestParameters.action |
string |
lambda:InvokeFunction |
| requestParameters.agentName |
string |
|
| requestParameters.agentStatus |
string |
|
| requestParameters.agentVersion |
string |
|
| requestParameters.aggregateField |
string |
|
| requestParameters.aliasName |
string |
|
| requestParameters.allRegions |
string |
|
| requestParameters.allocationId |
string |
|
| requestParameters.allocationIdsSet.items{}.allocationId |
string |
|
| requestParameters.allowedPattern |
string |
|
| requestParameters.amazonProvidedIpv6CidrBlock |
string |
|
| requestParameters.architecture |
string |
x86_64 |
| requestParameters.assignmentStatus |
string |
|
| requestParameters.assumeRolePolicyDocument |
string |
|
| requestParameters.attribute |
string |
|
| requestParameters.attributeName |
string |
restore |
| requestParameters.attributeType |
string |
launchPermission |
| requestParameters.availabilityZone |
string |
|
| requestParameters.availabilityZoneSet.items{}.zoneName |
string |
|
| requestParameters.blockDeviceMapping.items{}.deviceName |
string |
/dev/xvda |
| requestParameters.blockDeviceMapping.items{}.ebs.deleteOnTermination |
string |
true |
| requestParameters.blockDeviceMapping.items{}.ebs.snapshotId |
string |
snap-01648b83347c7cd84 |
| requestParameters.blockDeviceMapping.items{}.ebs.volumeSize |
string |
|
| requestParameters.blockDeviceMapping.items{}.ebs.volumeType |
string |
standard |
| requestParameters.bucket |
string |
|
| requestParameters.bucketName |
string |
stratus-red-team-lambda-function-code-rfuyylntethctvoz |
| requestParameters.bucketPolicy.Statement{}.Action |
string |
|
| requestParameters.bucketPolicy.Statement{}.Action{} |
string |
|
| requestParameters.bucketPolicy.Statement{}.Condition.StringEquals.s3:x-amz-acl |
string |
|
| requestParameters.bucketPolicy.Statement{}.Effect |
string |
|
| requestParameters.bucketPolicy.Statement{}.Principal.AWS |
string |
|
| requestParameters.bucketPolicy.Statement{}.Principal.Service |
string |
|
| requestParameters.bucketPolicy.Statement{}.Resource |
string |
|
| requestParameters.bucketPolicy.Statement{}.Resource{} |
string |
|
| requestParameters.bucketPolicy.Statement{}.Sid |
string |
|
| requestParameters.bucketPolicy.Version |
string |
|
| requestParameters.bypassPolicyLockoutSafetyCheck |
string |
|
| requestParameters.cidrBlock |
string |
|
| requestParameters.clientRequestToken |
string |
|
| requestParameters.clientToken |
string |
6FB79181-CFBB-45C0-9E22-9BFE1D7C53B1 |
| requestParameters.code.s3Bucket |
string |
stratus-red-team-lambda-function-code-rfuyylntethctvoz |
| requestParameters.code.s3Key |
string |
index.zip |
| requestParameters.commandId |
string |
|
| requestParameters.computerName |
string |
|
| requestParameters.configurationARN |
string |
|
| requestParameters.contentType |
string |
|
| requestParameters.continuation-token |
string |
|
| requestParameters.cors |
string |
|
| requestParameters.createVolumePermission.add.items{}.group |
string |
|
| requestParameters.createVolumePermission.add.items{}.userId |
string |
|
| requestParameters.createVolumePermission.remove.items{}.group |
string |
|
| requestParameters.customerMasterKeySpec |
string |
|
| requestParameters.dBSnapshotIdentifier |
string |
exfiltration |
| requestParameters.dashboardName |
string |
|
| requestParameters.delimiter |
string |
|
| requestParameters.deliveryStreamName |
string |
|
| requestParameters.description |
string |
|
| requestParameters.destinationCidrBlock |
string |
|
| requestParameters.dhcpOptionsSet.items{}.dhcpOptionsId |
string |
|
| requestParameters.disableApiTermination |
string |
|
| requestParameters.documentName |
string |
|
| requestParameters.dryRun |
string |
|
| requestParameters.durationSeconds |
string |
|
| requestParameters.ebsOptimized |
string |
|
| requestParameters.egress |
string |
|
| requestParameters.enaSupport |
string |
false |
| requestParameters.encoding-type |
string |
|
| requestParameters.encryption |
string |
|
| requestParameters.encryptionAlgorithm |
string |
|
| requestParameters.encryptionContext.PARAMETER_ARN |
string |
|
| requestParameters.encryptionContext.SecretARN |
string |
|
| requestParameters.encryptionContext.SecretVersionId |
string |
|
| requestParameters.encryptionContext.aws:acm:arn |
string |
|
| requestParameters.encryptionContext.aws:cloudfront:arn |
string |
|
| requestParameters.encryptionContext.aws:lambda:FunctionArn |
string |
|
| requestParameters.encryptionContext.aws:s3:arn |
string |
|
| requestParameters.eventSelectors{}.dataResources{}.type |
string |
|
| requestParameters.eventSelectors{}.includeManagementEvents |
string |
|
| requestParameters.eventSelectors{}.readWriteType |
string |
|
| requestParameters.excludeAutoscalingAlarms |
string |
|
| requestParameters.excludeManagedAlarms |
string |
|
| requestParameters.fetch-owner |
string |
|
| requestParameters.filter.eventStatusCodes{} |
string |
|
| requestParameters.filter.eventTypeCategories{} |
string |
|
| requestParameters.filter.startTimes{}.from |
string |
|
| requestParameters.filterSet.items{}.name |
string |
state |
| requestParameters.filterSet.items{}.valueSet.items{}.value |
string |
available |
| requestParameters.filters{}.key |
string |
|
| requestParameters.filters{}.name |
string |
|
| requestParameters.filters{}.values{} |
string |
|
| requestParameters.force |
string |
false |
| requestParameters.forceDeleteWithoutRecovery |
string |
|
| requestParameters.forceOverwriteReplicaSecret |
string |
|
| requestParameters.fullyQualifiedArn.arnPrefix.account |
string |
|
| requestParameters.fullyQualifiedArn.arnPrefix.partition |
string |
|
| requestParameters.fullyQualifiedArn.arnPrefix.region |
string |
|
| requestParameters.fullyQualifiedArn.relativeId.functionName |
string |
|
| requestParameters.functionName |
string |
stratus-sample-lambda-function |
| requestParameters.gatewayId |
string |
|
| requestParameters.groupDescription |
string |
|
| requestParameters.groupId |
string |
|
| requestParameters.groupName |
string |
|
| requestParameters.handler |
string |
index.test |
| requestParameters.hibernationOptions.configured |
string |
|
| requestParameters.iPAddress |
string |
|
| requestParameters.iamInstanceProfile.name |
string |
|
| requestParameters.imageId |
string |
ami-019631b4b3fbc5d7d |
| requestParameters.imageId.imageDigest |
string |
|
| requestParameters.imageManifest |
string |
|
| requestParameters.imageManifestMediaType |
string |
|
| requestParameters.imageTag |
string |
|
| requestParameters.imagesSet.items{}.imageId |
string |
ami-019631b4b3fbc5d7d |
| requestParameters.includeAllInstances |
string |
|
| requestParameters.includeBlacklistedFeatures |
string |
|
| requestParameters.includeDeprecatedFeaturesAccess |
string |
|
| requestParameters.includeDeprecatedRuntimeDetails |
string |
|
| requestParameters.includeGlobalServiceEvents |
string |
|
| requestParameters.includePreviewFeatures |
string |
|
| requestParameters.includePublic |
string |
false |
| requestParameters.includeShared |
string |
false |
| requestParameters.includeUnreservedConcurrentExecutionsMinimum |
string |
|
| requestParameters.instanceId |
string |
|
| requestParameters.instanceIds{} |
string |
|
| requestParameters.instanceTenancy |
string |
|
| requestParameters.instanceType |
string |
|
| requestParameters.instancesSet.items{}.imageId |
string |
|
| requestParameters.instancesSet.items{}.instanceId |
string |
|
| requestParameters.instancesSet.items{}.keyName |
string |
|
| requestParameters.instancesSet.items{}.maxCount |
string |
|
| requestParameters.instancesSet.items{}.minCount |
string |
|
| requestParameters.interactive |
string |
|
| requestParameters.internetGatewayIdSet.items{}.internetGatewayId |
string |
|
| requestParameters.invocationType |
string |
|
| requestParameters.ipPermissions.items{}.fromPort |
string |
|
| requestParameters.ipPermissions.items{}.ipProtocol |
string |
|
| requestParameters.ipPermissions.items{}.ipRanges.items{}.cidrIp |
string |
|
| requestParameters.ipPermissions.items{}.ipv6Ranges.items{}.cidrIpv6 |
string |
|
| requestParameters.ipPermissions.items{}.toPort |
string |
|
| requestParameters.key |
string |
index.zip |
| requestParameters.keyId |
string |
|
| requestParameters.keySpec |
string |
|
| requestParameters.keyUsage |
string |
|
| requestParameters.launchPermission.add.items{}.userId |
string |
|
| requestParameters.launchPermission.remove.items{}.userId |
string |
|
| requestParameters.lifecycle |
string |
|
| requestParameters.limit |
string |
|
| requestParameters.list-type |
integer |
|
| requestParameters.logGroupName |
string |
|
| requestParameters.logGroupNamePrefix |
string |
|
| requestParameters.logging |
string |
|
| requestParameters.mapPublicIpOnLaunch.value |
string |
|
| requestParameters.max-keys |
string |
|
| requestParameters.maxItems |
string |
|
| requestParameters.maxRecords |
string |
|
| requestParameters.maxResults |
string |
|
| requestParameters.maxSessionDuration |
string |
|
| requestParameters.memorySize |
string |
|
| requestParameters.metrics |
string |
|
| requestParameters.monitoring.enabled |
string |
|
| requestParameters.name |
string |
stratus-red-team-ami |
| requestParameters.names{} |
string |
|
| requestParameters.natGatewayId |
string |
|
| requestParameters.networkAclId |
string |
|
| requestParameters.networkAclIdSet.items{}.networkAclId |
string |
|
| requestParameters.networkInterfaceSet.items{}.deviceIndex |
string |
|
| requestParameters.networkInterfaceSet.items{}.groupSet.items{}.groupId |
string |
|
| requestParameters.networkInterfaceSet.items{}.privateIpAddress |
string |
|
| requestParameters.networkInterfaceSet.items{}.subnetId |
string |
|
| requestParameters.nextToken |
string |
|
| requestParameters.object-lock |
string |
|
| requestParameters.onlyAttached |
string |
|
| requestParameters.origin |
string |
|
| requestParameters.overwrite |
string |
|
| requestParameters.ownersSet.items{}.owner |
string |
|
| requestParameters.ownershipControls |
string |
|
| requestParameters.packageType |
string |
Zip |
| requestParameters.paginationToken |
string |
|
| requestParameters.parameterFilters{}.key |
string |
|
| requestParameters.parameterFilters{}.option |
string |
|
| requestParameters.parameterFilters{}.values{} |
string |
|
| requestParameters.parameters |
string |
|
| requestParameters.passwordResetRequired |
string |
|
| requestParameters.path |
string |
|
| requestParameters.pendingWindowInDays |
string |
|
| requestParameters.platformName |
string |
|
| requestParameters.platformType |
string |
|
| requestParameters.platformVersion |
string |
|
| requestParameters.policy |
string |
|
| requestParameters.policyArn |
string |
|
| requestParameters.policyDocument |
string |
|
| requestParameters.policyName |
string |
|
| requestParameters.policyStatus |
string |
|
| requestParameters.portRange.from |
string |
|
| requestParameters.portRange.to |
string |
|
| requestParameters.prefix |
string |
|
| requestParameters.principal |
string |
* |
| requestParameters.principalArn |
string |
|
| requestParameters.publicAccessBlock |
string |
|
| requestParameters.publish |
string |
false |
| requestParameters.registryId |
string |
|
| requestParameters.replication |
string |
|
| requestParameters.repositoryName |
string |
|
| requestParameters.requestPayment |
string |
|
| requestParameters.resourceId |
string |
|
| requestParameters.resourceIdList{} |
string |
|
| requestParameters.resourceName |
string |
arn:aws:rds:us-west-1:025042951592:snapshot:exfiltration |
| requestParameters.resourceType |
string |
|
| requestParameters.resourceTypeFilters{} |
string |
|
| requestParameters.resourcesPerPage |
string |
|
| requestParameters.resourcesSet.items{}.resourceId |
string |
ami-019631b4b3fbc5d7d |
| requestParameters.response-content-disposition |
string |
|
| requestParameters.role |
string |
arn:aws:iam::025042951592:role/lambda-function-role-stratus-red-team |
| requestParameters.roleArn |
string |
arn:aws:iam::025042951592:role/lambda-function-role-stratus-red-team |
| requestParameters.roleName |
string |
|
| requestParameters.roleSessionName |
string |
awslambda_607_20220613182751402 |
| requestParameters.rootDeviceName |
string |
/dev/xvda |
| requestParameters.routeTableId |
string |
|
| requestParameters.routeTableIdSet.items{}.routeTableId |
string |
|
| requestParameters.ruleAction |
string |
|
| requestParameters.ruleNumber |
string |
|
| requestParameters.runtime |
string |
nodejs12.x |
| requestParameters.s3BucketName |
string |
|
| requestParameters.sAMLAssertionID |
string |
|
| requestParameters.sAMLMetadataDocument |
string |
|
| requestParameters.sAMLProviderArn |
string |
|
| requestParameters.secretId |
string |
|
| requestParameters.securityGroupIdSet.items{}.groupId |
string |
|
| requestParameters.setAsDefault |
string |
|
| requestParameters.sharedUsersSet.items{}.user |
string |
|
| requestParameters.showSubscriptionDestinations |
string |
|
| requestParameters.size |
string |
|
| requestParameters.snapshotId |
string |
snap-01648b83347c7cd84 |
| requestParameters.snapshotSet.items{}.snapshotId |
string |
snap-01648b83347c7cd84 |
| requestParameters.sourceAccount |
string |
|
| requestParameters.sourceArn |
string |
|
| requestParameters.sriovNetSupport |
string |
simple |
| requestParameters.statementId |
string |
backdoor |
| requestParameters.subnetId |
string |
|
| requestParameters.subnetSet.items{}.subnetId |
string |
|
| requestParameters.tagSet.items{}.key |
string |
StratusRedTeam |
| requestParameters.tagSet.items{}.value |
string |
true |
| requestParameters.tagSpecificationSet.items{}.resourceType |
string |
snapshot |
| requestParameters.tagSpecificationSet.items{}.tags{}.key |
string |
StratusRedTeam |
| requestParameters.tagSpecificationSet.items{}.tags{}.value |
string |
true |
| requestParameters.tagging |
string |
|
| requestParameters.tags.StratusRedTeam |
string |
true |
| requestParameters.tagsList{}.key |
string |
|
| requestParameters.tagsList{}.value |
string |
|
| requestParameters.tags{}.key |
string |
|
| requestParameters.tags{}.tagKey |
string |
|
| requestParameters.tags{}.tagValue |
string |
|
| requestParameters.tags{}.value |
string |
|
| requestParameters.targetKeyId |
string |
|
| requestParameters.tier |
string |
|
| requestParameters.timeout |
string |
|
| requestParameters.trailName |
string |
|
| requestParameters.trailNameList{} |
string |
|
| requestParameters.type |
string |
|
| requestParameters.userData |
string |
|
| requestParameters.userName |
string |
|
| requestParameters.valuesToAdd{} |
string |
|
| requestParameters.versionId |
string |
|
| requestParameters.versioning |
string |
|
| requestParameters.versions |
string |
|
| requestParameters.volumeId |
string |
vol-0ef1df71764623508 |
| requestParameters.volumeSet.items{}.volumeId |
string |
vol-0ef1df71764623508 |
| requestParameters.vpcId |
string |
|
| requestParameters.vpcSet.items{}.vpcId |
string |
|
| requestParameters.vpcSet.item{}.vpcId |
string |
|
| requestParameters.website |
string |
|
| requestParameters.withDecryption |
string |
|
| requestParameters.x-amz-acl |
string |
private |
| requestParameters.x-amz-copy-source |
string |
|
| requestParameters.x-amz-server-side-encryption |
string |
AES256 |
| requestParameters.x-amz-server-side-encryption-aws-kms-key-id |
string |
|
| requestParameters.zone |
string |
us-west-1b |
| resources{}.ARN |
string |
arn:aws:s3:::stratus-red-team-lambda-function-code-rfuyylntethctvoz |
| resources{}.ARNPrefix |
string |
arn:aws:s3:::stratus-red-team-lambda-function-code-rfuyylntethctvoz/ |
| resources{}.accountId |
integer |
025042951592 |
| resources{}.type |
string |
AWS::S3::Bucket |
| responseElements |
string |
null |
| responseElements.ConsoleLogin |
string |
|
| responseElements.CreateFlowLogsResponse.clientToken |
string |
|
| responseElements.CreateFlowLogsResponse.flowLogIdSet.item |
string |
|
| responseElements.CreateFlowLogsResponse.requestId |
string |
|
| responseElements.CreateFlowLogsResponse.unsuccessful |
string |
|
| responseElements.CreateFlowLogsResponse.xmlns |
string |
|
| responseElements.CreateNatGatewayResponse.clientToken |
string |
|
| responseElements.CreateNatGatewayResponse.natGateway.createTime |
string |
|
| responseElements.CreateNatGatewayResponse.natGateway.natGatewayAddressSet.item.allocationId |
string |
|
| responseElements.CreateNatGatewayResponse.natGateway.natGatewayId |
string |
|
| responseElements.CreateNatGatewayResponse.natGateway.state |
string |
|
| responseElements.CreateNatGatewayResponse.natGateway.subnetId |
string |
|
| responseElements.CreateNatGatewayResponse.natGateway.tagSet.item.key |
string |
|
| responseElements.CreateNatGatewayResponse.natGateway.tagSet.item.value |
string |
|
| responseElements.CreateNatGatewayResponse.natGateway.vpcId |
string |
|
| responseElements.CreateNatGatewayResponse.requestId |
string |
|
| responseElements.CreateNatGatewayResponse.xmlns |
string |
|
| responseElements.DeleteFlowLogsResponse.requestId |
string |
|
| responseElements.DeleteFlowLogsResponse.unsuccessful |
string |
|
| responseElements.DeleteFlowLogsResponse.xmlns |
string |
|
| responseElements._return |
string |
true |
| responseElements.aRN |
string |
|
| responseElements.accessKey.accessKeyId |
string |
|
| responseElements.accessKey.createDate |
string |
|
| responseElements.accessKey.status |
string |
|
| responseElements.accessKey.userName |
string |
|
| responseElements.account |
string |
|
| responseElements.allocationId |
string |
|
| responseElements.architectures{} |
string |
|
| responseElements.associationId |
string |
|
| responseElements.associationState.state |
string |
|
| responseElements.assumedRoleUser.arn |
string |
|
| responseElements.assumedRoleUser.assumedRoleId |
string |
|
| responseElements.audience |
string |
|
| responseElements.codeSha256 |
string |
6mU00z0AtY615GKqrB2BcmV8gc8FQJReR64GOMZi2pM= |
| responseElements.codeSize |
string |
|
| responseElements.command.clientName |
string |
|
| responseElements.command.clientSourceId |
string |
|
| responseElements.command.cloudWatchOutputConfig.cloudWatchLogGroupName |
string |
|
| responseElements.command.cloudWatchOutputConfig.cloudWatchOutputEnabled |
string |
|
| responseElements.command.commandId |
string |
|
| responseElements.command.comment |
string |
|
| responseElements.command.completedCount |
string |
|
| responseElements.command.deliveryTimedOutCount |
string |
|
| responseElements.command.documentName |
string |
|
| responseElements.command.documentVersion |
string |
|
| responseElements.command.errorCount |
string |
|
| responseElements.command.expiresAfter |
string |
|
| responseElements.command.instanceIds{} |
string |
|
| responseElements.command.interactive |
string |
|
| responseElements.command.maxConcurrency |
string |
|
| responseElements.command.maxErrors |
string |
|
| responseElements.command.notificationConfig.notificationArn |
string |
|
| responseElements.command.notificationConfig.notificationType |
string |
|
| responseElements.command.outputS3BucketName |
string |
|
| responseElements.command.outputS3KeyPrefix |
string |
|
| responseElements.command.outputS3Region |
string |
|
| responseElements.command.parameters |
string |
|
| responseElements.command.requestedDateTime |
string |
|
| responseElements.command.serviceRole |
string |
|
| responseElements.command.status |
string |
|
| responseElements.command.statusDetails |
string |
|
| responseElements.command.targetCount |
string |
|
| responseElements.command.timeoutSeconds |
string |
|
| responseElements.createTime |
string |
|
| responseElements.credentials.accessKeyId |
string |
ASIAQLVFNDWUMCL4IOFX |
| responseElements.credentials.expiration |
string |
Jun 14, 2022, 6:27:51 AM |
| responseElements.credentials.sessionToken |
string |
IQoJb3JpZ2luX2VjEHMaCXVzLXdlc3QtMSJIMEYCIQDwTz2qklRbZqHDNWVPvx5VVtkl4WNH+Li/5yhPvE2PhAIhAIp0YkwVIgBhAidsXcPB2Hx9t9ltdJi4SQ06B6pLUVNlKqQCCHwQABoMMDI1MDQyOTUxNTkyIgxR5+/GuMB6aUdgxhkqgQJrPssh4+/Ud/jP2pVcN98oJtx+FxuHp+n3VsXHqZahQbu3AvSkwjk6aZG15zBG8OaC8MFHAoIVX365pX5jxioj4jLS/CX//D+ApHBQ1AWqCx0AIHv1gOAs3LnjFclNO+rdjn6KnL7ueBqydKypA9EpxRiRLGEh+EioJaAoyoZImbp06F7YwcdV+yxWlK4ojQfrpN1CAn/rlWyBCJcDhOim/8qhbTcnWtucSZ/w8iudTS3/JCqq2011jeebeh4CVSkXyfOt/MowH8mqTyPCCHVUzrjF9yR9Num+4RFttmQZiB3mVszm2xov36Hu9HlX4HF0deDMHvTyVIHimJ/GoMec9zCng56VBjqZATXoMqiKuBWtcSRDMo2MkQtljlThPZTQ1Ry7DG8cRLgXvJVrlZuWvxEL/ygMgVdx7SpmvqAhLwNBFbHuTpSWc+k2uPNwZsheS69VwZ3jPMh+lOXZ182wmYYR3qGjkI3anrJzBc16atnFjBFqDEypE+1LjopkWxEfbWvD3sRmx7sO7iCpLgECph2+tHbhR4nQQv4bZv0LW+v8eg== |
| responseElements.dBSnapshotAttributes{}.attributeName |
string |
restore |
| responseElements.dBSnapshotAttributes{}.attributeValues{} |
string |
|
| responseElements.dBSnapshotIdentifier |
string |
exfiltration |
| responseElements.deletionDate |
string |
|
| responseElements.description |
string |
|
| responseElements.domain |
string |
|
| responseElements.encrypted |
string |
false |
| responseElements.ephemeralStorage.size |
string |
|
| responseElements.eventSelectors{}.dataResources{}.type |
string |
|
| responseElements.eventSelectors{}.includeManagementEvents |
string |
|
| responseElements.eventSelectors{}.readWriteType |
string |
|
| responseElements.functionArn |
string |
arn:aws:lambda:us-west-1:025042951592:function:stratus-sample-lambda-function |
| responseElements.functionName |
string |
stratus-sample-lambda-function |
| responseElements.groupId |
string |
|
| responseElements.handler |
string |
index.test |
| responseElements.image.imageId.imageDigest |
string |
|
| responseElements.image.imageId.imageTag |
string |
|
| responseElements.image.imageManifest |
string |
|
| responseElements.image.imageManifestMediaType |
string |
|
| responseElements.image.registryId |
string |
|
| responseElements.image.repositoryName |
string |
|
| responseElements.imageId |
string |
ami-019631b4b3fbc5d7d |
| responseElements.imageId.imageDigest |
string |
|
| responseElements.imageScanFindings.findingSeverityCounts.HIGH |
string |
|
| responseElements.imageScanFindings.findingSeverityCounts.INFORMATIONAL |
string |
|
| responseElements.imageScanFindings.findingSeverityCounts.LOW |
string |
|
| responseElements.imageScanFindings.findingSeverityCounts.MEDIUM |
string |
|
| responseElements.imageScanFindings.findingSeverityCounts.UNDEFINED |
string |
|
| responseElements.imageScanFindings.findings{}.attributes{}.key |
string |
|
| responseElements.imageScanFindings.findings{}.attributes{}.value |
string |
|
| responseElements.imageScanFindings.findings{}.description |
string |
|
| responseElements.imageScanFindings.findings{}.name |
string |
|
| responseElements.imageScanFindings.findings{}.severity |
string |
|
| responseElements.imageScanFindings.findings{}.uri |
string |
|
| responseElements.imageScanFindings.imageScanCompletedAt |
string |
|
| responseElements.imageScanFindings.vulnerabilitySourceUpdatedAt |
string |
|
| responseElements.imageScanStatus.description |
string |
|
| responseElements.imageScanStatus.status |
string |
|
| responseElements.includeGlobalServiceEvents |
string |
|
| responseElements.instancesSet.items{}.amiLaunchIndex |
string |
|
| responseElements.instancesSet.items{}.architecture |
string |
|
| responseElements.instancesSet.items{}.capacityReservationSpecification.capacityReservationPreference |
string |
|
| responseElements.instancesSet.items{}.clientToken |
string |
|
| responseElements.instancesSet.items{}.cpuOptions.coreCount |
string |
|
| responseElements.instancesSet.items{}.cpuOptions.threadsPerCore |
string |
|
| responseElements.instancesSet.items{}.ebsOptimized |
string |
|
| responseElements.instancesSet.items{}.enaSupport |
string |
|
| responseElements.instancesSet.items{}.enclaveOptions.enabled |
string |
|
| responseElements.instancesSet.items{}.groupSet.items{}.groupId |
string |
|
| responseElements.instancesSet.items{}.groupSet.items{}.groupName |
string |
|
| responseElements.instancesSet.items{}.hibernationOptions.configured |
string |
|
| responseElements.instancesSet.items{}.hypervisor |
string |
|
| responseElements.instancesSet.items{}.iamInstanceProfile.arn |
string |
|
| responseElements.instancesSet.items{}.iamInstanceProfile.id |
string |
|
| responseElements.instancesSet.items{}.imageId |
string |
|
| responseElements.instancesSet.items{}.instanceId |
string |
|
| responseElements.instancesSet.items{}.instanceState.code |
string |
|
| responseElements.instancesSet.items{}.instanceState.name |
string |
|
| responseElements.instancesSet.items{}.instanceType |
string |
|
| responseElements.instancesSet.items{}.keyName |
string |
|
| responseElements.instancesSet.items{}.launchTime |
string |
|
| responseElements.instancesSet.items{}.metadataOptions.httpEndpoint |
string |
|
| responseElements.instancesSet.items{}.metadataOptions.httpPutResponseHopLimit |
string |
|
| responseElements.instancesSet.items{}.metadataOptions.httpTokens |
string |
|
| responseElements.instancesSet.items{}.metadataOptions.state |
string |
|
| responseElements.instancesSet.items{}.monitoring.state |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.attachment.attachTime |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.attachment.attachmentId |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.attachment.deleteOnTermination |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.attachment.deviceIndex |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.attachment.status |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.groupSet.items{}.groupId |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.groupSet.items{}.groupName |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.interfaceType |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.macAddress |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.networkInterfaceId |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.ownerId |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.privateDnsName |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.privateIpAddress |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.privateIpAddressesSet.item{}.primary |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.privateIpAddressesSet.item{}.privateDnsName |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.privateIpAddressesSet.item{}.privateIpAddress |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.sourceDestCheck |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.status |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.subnetId |
string |
|
| responseElements.instancesSet.items{}.networkInterfaceSet.items{}.vpcId |
string |
|
| responseElements.instancesSet.items{}.placement.availabilityZone |
string |
|
| responseElements.instancesSet.items{}.placement.tenancy |
string |
|
| responseElements.instancesSet.items{}.privateDnsName |
string |
|
| responseElements.instancesSet.items{}.privateIpAddress |
string |
|
| responseElements.instancesSet.items{}.rootDeviceName |
string |
|
| responseElements.instancesSet.items{}.rootDeviceType |
string |
|
| responseElements.instancesSet.items{}.sourceDestCheck |
string |
|
| responseElements.instancesSet.items{}.stateReason.code |
string |
|
| responseElements.instancesSet.items{}.stateReason.message |
string |
|
| responseElements.instancesSet.items{}.subnetId |
string |
|
| responseElements.instancesSet.items{}.tagSet.items{}.key |
string |
|
| responseElements.instancesSet.items{}.tagSet.items{}.value |
string |
|
| responseElements.instancesSet.items{}.virtualizationType |
string |
|
| responseElements.instancesSet.items{}.vpcId |
string |
|
| responseElements.iops |
string |
|
| responseElements.isMultiRegionTrail |
string |
|
| responseElements.isOrganizationTrail |
string |
|
| responseElements.isTruncated |
string |
|
| responseElements.issuer |
string |
|
| responseElements.keyId |
string |
|
| responseElements.keyMetadata.aWSAccountId |
string |
|
| responseElements.keyMetadata.arn |
string |
|
| responseElements.keyMetadata.creationDate |
string |
|
| responseElements.keyMetadata.customerMasterKeySpec |
string |
|
| responseElements.keyMetadata.description |
string |
|
| responseElements.keyMetadata.enabled |
string |
|
| responseElements.keyMetadata.encryptionAlgorithms{} |
string |
|
| responseElements.keyMetadata.keyId |
string |
|
| responseElements.keyMetadata.keyManager |
string |
|
| responseElements.keyMetadata.keyState |
string |
|
| responseElements.keyMetadata.keyUsage |
string |
|
| responseElements.keyMetadata.origin |
string |
|
| responseElements.lastModified |
string |
2022-06-13T18:27:51.394+0000 |
| responseElements.lastUpdateStatus |
string |
|
| responseElements.lastUpdateStatusReason |
string |
|
| responseElements.lastUpdateStatusReasonCode |
string |
|
| responseElements.logFileValidationEnabled |
string |
|
| responseElements.loginProfile.createDate |
string |
|
| responseElements.loginProfile.passwordResetRequired |
string |
|
| responseElements.loginProfile.userName |
string |
|
| responseElements.memorySize |
string |
|
| responseElements.multiAttachEnabled |
string |
false |
| responseElements.name |
string |
|
| responseElements.nameQualifier |
string |
|
| responseElements.networkAcl.entrySet.items{}.aclProtocol |
string |
|
| responseElements.networkAcl.entrySet.items{}.cidrBlock |
string |
|
| responseElements.networkAcl.entrySet.items{}.egress |
string |
|
| responseElements.networkAcl.entrySet.items{}.ruleAction |
string |
|
| responseElements.networkAcl.entrySet.items{}.ruleNumber |
string |
|
| responseElements.networkAcl.isDefault |
string |
|
| responseElements.networkAcl.networkAclId |
string |
|
| responseElements.networkAcl.ownerId |
string |
|
| responseElements.networkAcl.tagSet.items{}.key |
string |
|
| responseElements.networkAcl.tagSet.items{}.value |
string |
|
| responseElements.networkAcl.vpcId |
string |
|
| responseElements.networkBorderGroup |
string |
|
| responseElements.ownerId |
string |
|
| responseElements.packageType |
string |
Zip |
| responseElements.pendingModifiedValues.masterUserPassword |
string |
|
| responseElements.policyVersion.createDate |
string |
|
| responseElements.policyVersion.isDefaultVersion |
string |
|
| responseElements.policyVersion.versionId |
string |
|
| responseElements.publicIp |
string |
|
| responseElements.publicIpv4Pool |
string |
|
| responseElements.publiclyAccessible |
string |
|
| responseElements.registryId |
string |
|
| responseElements.repositoryName |
string |
|
| responseElements.requestId |
string |
0a47f9a0-abc4-44e7-ad40-c8e835ee3a9e |
| responseElements.reservationId |
string |
|
| responseElements.revisionId |
string |
081557de-5e57-4649-b3c9-237a89c1937b |
| responseElements.role |
string |
arn:aws:iam::025042951592:role/lambda-function-role-stratus-red-team |
| responseElements.role.arn |
string |
|
| responseElements.role.assumeRolePolicyDocument |
string |
|
| responseElements.role.createDate |
string |
|
| responseElements.role.path |
string |
|
| responseElements.role.roleId |
string |
|
| responseElements.role.roleName |
string |
|
| responseElements.role.tags{}.key |
string |
|
| responseElements.role.tags{}.value |
string |
|
| responseElements.routeTable.routeTableId |
string |
|
| responseElements.runtime |
string |
nodejs12.x |
| responseElements.s3BucketName |
string |
|
| responseElements.sAMLProviderArn |
string |
|
| responseElements.sAMLProviderList{}.arn |
string |
|
| responseElements.sAMLProviderList{}.createDate |
string |
|
| responseElements.sAMLProviderList{}.validUntil |
string |
|
| responseElements.size |
string |
|
| responseElements.snapshotId |
string |
snap-01648b83347c7cd84 |
| responseElements.startTime |
string |
|
| responseElements.state |
string |
Pending |
| responseElements.stateReason |
string |
The function is being created. |
| responseElements.stateReasonCode |
string |
Creating |
| responseElements.statement |
string |
{"Sid":"backdoor","Effect":"Allow","Principal":"*","Action":"lambda:InvokeFunction","Resource":"arn:aws:lambda:us-west-1:025042951592:function:stratus-sample-lambda-function"} |
| responseElements.status |
string |
creating |
| responseElements.subject |
string |
|
| responseElements.subjectType |
string |
|
| responseElements.subnet.assignIpv6AddressOnCreation |
string |
|
| responseElements.subnet.availabilityZone |
string |
|
| responseElements.subnet.availabilityZoneId |
string |
|
| responseElements.subnet.availableIpAddressCount |
string |
|
| responseElements.subnet.cidrBlock |
string |
|
| responseElements.subnet.defaultForAz |
string |
|
| responseElements.subnet.mapPublicIpOnLaunch |
string |
|
| responseElements.subnet.ownerId |
string |
|
| responseElements.subnet.state |
string |
|
| responseElements.subnet.subnetArn |
string |
|
| responseElements.subnet.subnetId |
string |
|
| responseElements.subnet.tagSet.items{}.key |
string |
|
| responseElements.subnet.tagSet.items{}.value |
string |
|
| responseElements.subnet.vpcId |
string |
|
| responseElements.tagSet.items{}.key |
string |
StratusRedTeam |
| responseElements.tagSet.items{}.value |
string |
true |
| responseElements.tags.StratusRedTeam |
string |
|
| responseElements.tier |
string |
|
| responseElements.timeout |
string |
|
| responseElements.tracingConfig.mode |
string |
PassThrough |
| responseElements.trailARN |
string |
|
| responseElements.user.arn |
string |
|
| responseElements.user.createDate |
string |
|
| responseElements.user.path |
string |
|
| responseElements.user.tags{}.key |
string |
|
| responseElements.user.tags{}.value |
string |
|
| responseElements.user.userId |
string |
|
| responseElements.user.userName |
string |
|
| responseElements.userId |
string |
|
| responseElements.version |
string |
$LATEST |
| responseElements.volumeId |
string |
vol-07ef081a010bd9074 |
| responseElements.volumeSize |
string |
|
| responseElements.volumeType |
string |
gp2 |
| responseElements.vpc.cidrBlock |
string |
|
| responseElements.vpc.cidrBlockAssociationSet.items{}.associationId |
string |
|
| responseElements.vpc.cidrBlockAssociationSet.items{}.cidrBlock |
string |
|
| responseElements.vpc.cidrBlockAssociationSet.items{}.cidrBlockState.state |
string |
|
| responseElements.vpc.dhcpOptionsId |
string |
|
| responseElements.vpc.instanceTenancy |
string |
|
| responseElements.vpc.isDefault |
string |
|
| responseElements.vpc.ownerId |
string |
|
| responseElements.vpc.state |
string |
|
| responseElements.vpc.tagSet.items{}.key |
string |
|
| responseElements.vpc.tagSet.items{}.value |
string |
|
| responseElements.vpc.vpcId |
string |
|
| responseElements.x-amz-server-side-encryption |
string |
AES256 |
| responseElements.x-amz-server-side-encryption-aws-kms-key-id |
string |
|
| responseElements.x-amz-version-id |
string |
|
| responseElements.zone |
string |
us-west-1b |
| result |
string |
Must specify userName when calling with non-User credentials |
| result_id |
string |
InvalidParameterValueException |
| rule_action |
string |
|
| serviceEventDetails.snapshotId |
string |
|
| sessionCredentialFromConsole |
string |
|
| session_id |
string |
|
| sharedEventID |
string |
06fd6264-82cb-48d8-a0e1-34f5e6326264 |
| sigma_product |
string |
aws |
| sigma_service |
string |
cloudtrail |
| signature |
string |
DescribeDBSnapshots |
| snapattack_session |
string |
|
| sourceIPAddress |
string |
3.236.180.139 |
| splunk_server |
string |
|
| splunk_server_group |
string |
|
| src |
string |
3.236.180.139 |
| src_ip |
string |
3.236.180.139 |
| src_ip_range |
string |
|
| src_port_range |
string |
|
| src_user |
string |
AWSReservedSSO_AdministratorAccess_3f08c07f980fa64d |
| src_user_id |
string |
AROAQLVFNDWUDM3SAVMSL:ttait@snapattack.com |
| src_user_name |
string |
|
| src_user_role |
string |
|
| src_user_type |
string |
AssumedRole |
| start_time |
string |
2022-06-13T18:27:43Z |
| temp_access_key |
string |
ASIAQLVFNDWUMCL4IOFX |
| timeendpos |
integer |
778 |
| timestartpos |
integer |
758 |
| tlsDetails.cipherSuite |
string |
ECDHE-RSA-AES128-GCM-SHA256 |
| tlsDetails.clientProvidedHostHeader |
string |
ec2.us-west-1.amazonaws.com |
| tlsDetails.tlsVersion |
string |
TLSv1.2 |
| userAgent |
string |
APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.71.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.42.25 (go1.16; linux; amd64) stratus-red-team HashiCorp-terraform-exec/0.15.0 |
| userIdentity.accessKeyId |
string |
ASIAQLVFNDWUHAOS6DPR |
| userIdentity.accountId |
integer |
025042951592 |
| userIdentity.arn |
string |
arn:aws:sts::025042951592:assumed-role/AWSReservedSSO_AdministratorAccess_3f08c07f980fa64d/ttait@snapattack.com |
| userIdentity.identityProvider |
string |
|
| userIdentity.invokedBy |
string |
lambda.amazonaws.com |
| userIdentity.principalId |
string |
AROAQLVFNDWUDM3SAVMSL:ttait@snapattack.com |
| userIdentity.sessionContext.attributes.creationDate |
string |
2022-06-13T16:41:44Z |
| userIdentity.sessionContext.attributes.mfaAuthenticated |
string |
false |
| userIdentity.sessionContext.ec2RoleDelivery |
string |
|
| userIdentity.sessionContext.sessionIssuer.accountId |
string |
|
| userIdentity.sessionContext.sessionIssuer.arn |
string |
arn:aws:iam::025042951592:role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_AdministratorAccess_3f08c07f980fa64d |
| userIdentity.sessionContext.sessionIssuer.principalId |
string |
AROAQLVFNDWUDM3SAVMSL |
| userIdentity.sessionContext.sessionIssuer.type |
string |
Role |
| userIdentity.sessionContext.sessionIssuer.userName |
string |
AWSReservedSSO_AdministratorAccess_3f08c07f980fa64d |
| userIdentity.type |
string |
AssumedRole |
| userIdentity.userName |
string |
|
| userName |
string |
AWSReservedSSO_AdministratorAccess_3f08c07f980fa64d |
| user_access_key |
string |
ASIAQLVFNDWUHAOS6DPR |
| user_agent |
string |
APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.71.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.42.25 (go1.16; linux; amd64) stratus-red-team HashiCorp-terraform-exec/0.15.0 |
| user_arn |
string |
arn:aws:sts::025042951592:assumed-role/AWSReservedSSO_AdministratorAccess_3f08c07f980fa64d/ttait@snapattack.com |
| user_group_id |
integer |
025042951592 |
| user_id |
string |
|
| user_name |
string |
AWSReservedSSO_AdministratorAccess_3f08c07f980fa64d |
| user_role |
string |
|
| user_type |
string |
AssumedRole |
| vendor |
string |
Amazon Web Services |
| vendor_account |
integer |
025042951592 |
| vendor_product |
string |
AWS CloudTrail |
| vendor_region |
string |
us-west-1 |
| vpcEndpointId |
string |
vpce-0756816e |