How to find all actions/events that are able to create or modify a specific resource?

[michuer]

Hi I'm looking for the way how to find all actions that are able to create or modify a specific resource.

Below is example, however, the question is more general and applies to any resource:
I tried to capture all events that are able to create/update api gateway stage for automatic WAF hooking. Initially, I identified 2 actions "CreateStage" and "UpdateStage" however, it turned out that apart from these 2 actions, the "CreateDeployment" action also is able to create stage without invoking the "CreateStage" event.

Unfortunately, logic implementations for AWS CLI functions are not publicly available so it's hard to find such information.
In the CloudTrail history, you can search for all resources that have been affected by an event, but this is only a picture of the actions that have already been performed on the account, and I would like to predict which events may affect a particular resource.

[aBurmeseDev]

Hi @michuer - thanks for reaching out.

If I understand correctly, you're looking for a way to look up events with a given resource. If that's the case, I would suggest looking at AWS CLI lookup-events.

Here's more on how to use the method with lookup-attributes flag: https://repost.aws/knowledge-center/cloudtrail-search-actions

Hope that helps!