Open 0xdabbad00 opened 5 years ago
See https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_GetEventSelectors.html
Somewhat related to #237 in that both are about CloudTrail.
This data looks like:
{
    "EventSelectors": [
        {
            "DataResources": [
                {
                    "Type": "AWS::S3::Object",
                    "Values": [
                        "arn:aws:s3:::mybucket/"
                    ]
                }
            ],
            "IncludeManagementEvents": true,
            "ReadWriteType": "All"
        }
    ],
    "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/cloudtrail"
}
The question for this is how much of the object events should be recorded? Is it actually important whether S3 object logging or Lambda invokes are logged? Should I ensure S3 object logging is happening for all buckets?
Data collected in #260
SecurityAudit allows this call. Can see if Lambda and S3 object access is recorded.
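
One way to turn the GetEventSelectors response quoted in this issue into an answer to "is S3 object and Lambda access recorded, and for which buckets?", as an added example (not code from the issue or from the project). The function names are hypothetical, the sample is constructed in the same shape as the response above, and only the basic `EventSelectors` list shown on this page is handled.

```python
import json

# "All resources" prefixes from the CloudTrail DataResource documentation; the
# older "arn:aws:s3:::" spelling is treated the same way (assumption).
ALL_PREFIXES = {
    "AWS::S3::Object": {"arn:aws:s3", "arn:aws:s3:::"},
    "AWS::Lambda::Function": {"arn:aws:lambda"},
}

def data_event_coverage(response):
    """Map resource type -> {"all": bool, "values": {arn: ReadWriteType}}."""
    coverage = {t: {"all": False, "values": {}} for t in ALL_PREFIXES}
    for selector in response.get("EventSelectors", []):
        rw = selector.get("ReadWriteType", "All")  # API default is "All"
        for resource in selector.get("DataResources", []):
            entry = coverage.get(resource.get("Type"))
            if entry is None:
                continue  # resource type outside the two the issue asks about
            for value in resource.get("Values", []):
                if value in ALL_PREFIXES[resource["Type"]]:
                    entry["all"] = True
                entry["values"][value] = rw
    return coverage

def buckets_without_object_logging(response, bucket_names):
    """Buckets not logged as a whole; prefix-only selectors count as gaps."""
    s3 = data_event_coverage(response)["AWS::S3::Object"]
    if s3["all"]:
        return []
    return [b for b in bucket_names if f"arn:aws:s3:::{b}/" not in s3["values"]]

# Constructed sample, same shape as the response quoted in the issue.
SAMPLE = json.loads("""
{"EventSelectors": [{"DataResources": [{"Type": "AWS::S3::Object",
    "Values": ["arn:aws:s3:::mybucket/"]}],
  "IncludeManagementEvents": true, "ReadWriteType": "All"}],
 "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/cloudtrail"}
""")

if __name__ == "__main__":
    print(data_event_coverage(SAMPLE))
    # "otherbucket" is a constructed bucket name used to show a gap.
    print(buckets_without_object_logging(SAMPLE, ["mybucket", "otherbucket"]))
```

A selector with `ReadWriteType` of `ReadOnly` or `WriteOnly` still appears in `values` with that setting, so a caller can decide whether partial logging counts as coverage.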