In CloudTrail, how to create a trail that targets only specific type of events?

1

We'd like to create a CloudTrail trail for management events that targets only specific type of events, for example, EBS volume creation, modification, and deletion. I do not see any option to achieve this. Is it not supported by AWS?

Ori
gefragt vor 3 Monaten316 Aufrufe
2 Antworten
1

Hello.

Events such as creation, modification, and deletion of EBS volumes are included in management events.
I don't think it is possible to create a trail by narrowing down to specific events of a specific service with management events.

https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html

profile picture
EXPERTE
beantwortet vor 3 Monaten
-1

There is a thing called Advanced Event Selectors that let you filter specific events from Cloudtrail. Here is a blog that shows how & what you can do with it https://aws.amazon.com/blogs/mt/optimize-aws-cloudtrail-costs-using-advanced-event-selectors/

API level documentation is

profile picture
EXPERTE
Kallu
beantwortet vor 3 Monaten
  • Hi Kallu, thanks for the answer. Unfortunately the Event Selectors are available only for Data Events. EBS events such as I described are not Data Events, but Management Events. In my question I specifically mentioned Management Events.

    How do we get Event Selectors for Management Events?

    Thanks

  • You're correct. Didn't check all the "small print". This would have been nice feature but I guess the typical volume of mgmt events is more manageable than data events so it isn't too much overhead to do filtering when reading the events.

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen