AWS CloudTrail event names supported by AWS Audit Manager

You can capture AWS CloudTrail management events and global service events as evidence in Audit Manager. To do this, you specify the CloudTrail event name as a data source mapping when you create a custom control.

As an exception to the above, the following three CloudTrail events aren't supported by Audit Manager:

kms_GenerateDataKey
kms_Decrypt
sts_AssumeRole

Note

Audit Manager captures management events and global service events only. Data events and insights events are not available as evidence. For more information about the different types of CloudTrail events, see CloudTrail concepts in the AWS CloudTrail User Guide.

For instructions on how to view CloudTrail events, see Viewing Events with CloudTrail Event History in the AWS CloudTrail User Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS API calls

Settings