Monitoring and auditing with CloudTrail - Amazon SageMaker AI

Monitoring and auditing with CloudTrail

With trusted identity propagation enabled, AWS CloudTrail logs include the identity information of the specific user who performed an action, rather than just the IAM role. This provides enhanced auditing capabilities for compliance and security.

To view identity information in CloudTrail logs:

  • Open the CloudTrail console.

  • Choose Event history from the left navigation pane.

  • Choose events from SageMaker AI and related services.

  • Under the event record, find the onBehalfOf key. It contains the userId key and other user identification information that can be mapped to a specific IAM Identity Center user.

    See CloudTrail use cases for IAM Identity Center for more information.
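The same check can be scripted against exported events. The following is an added example, not code from the SageMaker AI documentation: it reads JSON shaped like `aws cloudtrail lookup-events` output, groups SageMaker AI events by `onBehalfOf.userId`, and lists events that carry no `onBehalfOf` element and so identify only the role. The sample events, IDs, and ARNs are constructed placeholders, and the helper names are hypothetical.

```python
import json
from collections import defaultdict

def _record(event_id, source, name, time, on_behalf_of=None):
    """Build one constructed lookup-events entry (placeholder values only)."""
    identity = {"type": "AssumedRole",
                "arn": "arn:aws:sts::111122223333:assumed-role/ExampleRole/session"}
    if on_behalf_of:
        identity["onBehalfOf"] = {
            "userId": on_behalf_of,
            "identityStoreArn": "arn:aws:identitystore::111122223333:identitystore/d-EXAMPLE"}
    body = {"eventSource": source, "eventName": name, "eventTime": time,
            "userIdentity": identity}
    # lookup-events returns the full record as a JSON string in CloudTrailEvent.
    return {"EventId": event_id, "CloudTrailEvent": json.dumps(body)}

# Constructed sample input; none of these values come from a real account.
SAMPLE = json.dumps({"Events": [
    _record("ev-1", "sagemaker.amazonaws.com", "CreateTrainingJob", "2025-01-01T10:00:00Z", "user-a-EXAMPLE"),
    _record("ev-2", "sagemaker.amazonaws.com", "DescribeTrainingJob", "2025-01-01T10:05:00Z", "user-a-EXAMPLE"),
    _record("ev-3", "sagemaker.amazonaws.com", "CreateApp", "2025-01-01T11:00:00Z"),
    _record("ev-4", "sts.amazonaws.com", "AssumeRole", "2025-01-01T09:59:00Z"),
]})

def attribute_events(lookup_output, sources=("sagemaker.amazonaws.com",)):
    """Return ({userId: [(eventTime, eventName)]}, [EventIds lacking onBehalfOf])."""
    by_user, role_only = defaultdict(list), []
    for entry in json.loads(lookup_output).get("Events", []):
        record = json.loads(entry["CloudTrailEvent"])
        if record.get("eventSource") not in sources:
            continue  # only the services under review
        obo = (record.get("userIdentity") or {}).get("onBehalfOf") or {}
        user_id = obo.get("userId")
        if user_id:
            by_user[user_id].append((record.get("eventTime"), record.get("eventName")))
        else:
            # No propagated identity: the record names the role session only.
            role_only.append(entry.get("EventId"))
    return dict(by_user), role_only

if __name__ == "__main__":
    users, unattributed = attribute_events(SAMPLE)
    for user_id, actions in users.items():
        print(user_id, actions)
    print("events without onBehalfOf:", unattributed)
```

Pass additional event sources in `sources` to cover related services in the same review.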