Posted On: Apr 14, 2021

Amazon Identity and Access Management (IAM) now provides the ability to easily identify the user responsible for an Amazon Web Services action performed while assuming an IAM role. By setting the new source identity attribute, which is logged in Amazon CloudTrail for most actions, you can find out who is responsible for actions performed using IAM roles.

When the source identity attribute is set, you can easily connect an event logged by Amazon CloudTrail with the identity of the user or application who performed that action. You no longer need to assemble multiple CloudTrail log entries, potentially across multiple accounts, in order to identify the specific user or application who performed an action while assuming a role. This is true even for role chaining, where a user uses one IAM role to assume another IAM role. This gives IAM administrators and security professionals more confidence in the audit trail for most actions.
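As an added illustration of the attribution described above (example code written for this page, not AWS code), the script below reads a few constructed CloudTrail records and groups actions by the source identity that CloudTrail stores under `userIdentity.sessionContext.sourceIdentity`; the account IDs, role names, session names and user name are made up, and it shows how a chained assumption across two accounts still resolves to one person while a session that never set the attribute is left for the old AssumeRole-correlation approach.

```python
"""Attribute CloudTrail events recorded under IAM role sessions back to the
user who set the source identity. Added example for this announcement, not
AWS code; the CloudTrail records below are constructed."""
from collections import defaultdict

# Constructed records. The first two come from a chained assumption
# (DevRole in one account, then AuditRole in another) by the same person;
# the third is from a session that never set a source identity.
SAMPLE_EVENTS = [
    {"eventName": "DeleteBucket", "recipientAccountId": "111122223333",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/DevRole/s1",
                      "sessionContext": {"sourceIdentity": "alice"}}},
    {"eventName": "GetObject", "recipientAccountId": "444455556666",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::444455556666:assumed-role/AuditRole/s2",
                      "sessionContext": {"sourceIdentity": "alice"}}},
    {"eventName": "PutBucketPolicy", "recipientAccountId": "111122223333",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/DevRole/ci-job",
                      "sessionContext": {}}},
]

UNATTRIBUTED = "<no source identity>"

def source_identity(event):
    """Source identity of an assumed-role event, or None when unset."""
    ident = event.get("userIdentity", {})
    if ident.get("type") != "AssumedRole":
        return None
    return ident.get("sessionContext", {}).get("sourceIdentity")

def role_name(session_arn):
    """Role name from an assumed-role session ARN ('.../assumed-role/Role/session')."""
    return session_arn.split(":assumed-role/")[1].split("/")[0]

def attribute_events(events):
    """Map source identity -> list of (account, role, eventName).
    Events without a source identity are collected under UNATTRIBUTED;
    those can only be traced by correlating the AssumeRole call itself."""
    by_user = defaultdict(list)
    for ev in events:
        who = source_identity(ev) or UNATTRIBUTED
        arn = ev["userIdentity"]["arn"]
        by_user[who].append((ev["recipientAccountId"], role_name(arn), ev["eventName"]))
    return dict(by_user)

if __name__ == "__main__":
    for who, actions in attribute_events(SAMPLE_EVENTS).items():
        print(who, actions)
```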

This new feature is available in all Amazon Web Services Regions including the Amazon Web Services China (Beijing) Region operated by Sinnet, and the Amazon Web Services China (Ningxia) Region operated by NWCD.  

To learn more about this feature for your workforce users, see IAM documentation.