Why Is a Username Displaying as "Hidden Due to Security Reasons"?

Why am I seeing the value “HIDDEN_DUE_TO_SECURITY_REASONS” instead of a Username on my CloudTrail event?

As a security best practice, AWS does not log the entered user name text when a sign-in failure is caused by an incorrect user name. The user name text is masked by the value “HIDDEN_DUE_TO_SECURITY_REASONS”.

For more information, see the Amazon AWS “CloudTrail userIdentity Element” article:

“The userName field contains the string HIDDEN_DUE_TO_SECURITY_REASONS when the recorded event is a console sign-in failure caused by incorrect user name input. CloudTrail does not record the contents in this case because the text could contain sensitive information, as in the following examples:

  • A user accidentally types a password in the user name field.
  • A user clicks the link for one AWS account's sign-in page, but then types the account number for a different one.
  • A user accidentally types the account name of a personal email account, a bank sign-in identifier, or some other private ID.”
Was this article helpful?
0 out of 0 found this helpful