How can I tell where an Amazon AWS key is being used?

amazon-web-services amazon-s3 amazon-iam

In addition to Cloudtrail, you should enable logging for your S3 buckets. After doing that, AWS will start logging the canonical user ID used to make authenticated requests to S3.

Quote from AWS S3 Docs on logging fields:

The canonical user ID of the requester, or the string "Anonymous" for unauthenticated requests. If the requester was an IAM user, this field will return the requester's IAM user name along with the AWS root account that the IAM user belongs to. This identifier is the same one used for access control purposes.

Related

Powershell Download via HTTP using Proxy and Checking Remote File Size Fails on Second File
PREROUTING distinguish between INPUT and FORWARD packets
msdeploy via jenkins & service account: connected but "could not authorize"?
CIFS/SAMBA Mount still attempts before network is ready even with _netdev
Filter LDAP user through PAM so it appears to not exist at all
How to fix time on NTP server with a lot of machines synchronized by it
automake error: Unescaped left brace in regex is deprecated
Forced to change expired password when using ssh key
Local administrator as default choice when in domain
Ansible become_user not picking up path correctly
Nginx status information of virtual hosts
Windows Server 2012 R2 and TCP slow start and Hyper-v hosts