Posted On: Sep 21, 2017
AWS CloudTrail now allows you to automatically add your new and existing Amazon S3 buckets to S3 Data Events. S3 Data Events allow you to record API actions on Amazon S3 objects and receive detailed information such as the AWS account, IAM user role, and IP address of the caller, time of the API call, and other details. Previously, you had to manually add individual S3 buckets in your account to track S3 object-level operations, and repeat the process for each new S3 bucket. Now, you can automatically log S3 Data Events for all of your new and existing S3 buckets with a few clicks. This ensures that all S3 object-level API activity in your account is recorded to help with your data exfiltration and S3 objects usage analysis.
The ability to automatically add S3 Data Events for all Amazon S3 buckets is available in US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Canada (Central), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), EU (London), and South America (São Paulo) regions.