In CloudTrail, how to create a trail that targets only specific type of events?

1

We'd like to create a CloudTrail trail for management events that targets only specific type of events, for example, EBS volume creation, modification, and deletion. I do not see any option to achieve this. Is it not supported by AWS?

Ori
質問済み 3ヶ月前313ビュー
2回答
1

Hello.

Events such as creation, modification, and deletion of EBS volumes are included in management events.
I don't think it is possible to create a trail by narrowing down to specific events of a specific service with management events.

https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html

profile picture
エキスパート
回答済み 3ヶ月前
-1

There is a thing called Advanced Event Selectors that let you filter specific events from Cloudtrail. Here is a blog that shows how & what you can do with it https://aws.amazon.com/blogs/mt/optimize-aws-cloudtrail-costs-using-advanced-event-selectors/

API level documentation is

profile picture
エキスパート
Kallu
回答済み 3ヶ月前
  • Hi Kallu, thanks for the answer. Unfortunately the Event Selectors are available only for Data Events. EBS events such as I described are not Data Events, but Management Events. In my question I specifically mentioned Management Events.

    How do we get Event Selectors for Management Events?

    Thanks

  • You're correct. Didn't check all the "small print". This would have been nice feature but I guess the typical volume of mgmt events is more manageable than data events so it isn't too much overhead to do filtering when reading the events.

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ