Important
You need to set up a dedicated bucket to store the CloudTrail logs before you can enable CloudTrail for S3 PutObject events.

Procedure

  1. In CloudTrail, click Create trail.
  2. Fill out Trail name and Trail log bucket name to store the logs.
    1. (Optional) Fill out Prefix of the bucket for logs.
    2. (Optional) Configure the SSE-KMS for bucket data encryption.
    3. Click Next.
  3. Configure what log events to collect:
    1. Check Data events, uncheck Management events.
    2. In Data events, select:
      • S3 for Data event type.
      • Log writeOnly events for Log selector template.
    3. Click Next.
  4. Click Create trail. In the Dashboard, you can see that the Trail is in Logging status.
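
The same trail can be created from the AWS CLI. The following is an added example, not part of the original procedure; the function names are hypothetical, and the trail name, log bucket, prefix and KMS key you pass in are placeholders for your own values.

```shell
# Added example: AWS CLI equivalent of the console procedure above.
# Trail, bucket, prefix and key names passed in are placeholders you supply.

# Step 3 as an advanced event selector: S3 object data events, write-only.
# Management events are not selected, so they are not logged.
s3_write_only_selectors() {
  cat <<'JSON'
[
  {
    "Name": "S3 write-only data events",
    "FieldSelectors": [
      { "Field": "eventCategory",  "Equals": ["Data"] },
      { "Field": "resources.type", "Equals": ["AWS::S3::Object"] },
      { "Field": "readOnly",       "Equals": ["false"] }
    ]
  }
]
JSON
}

# Usage: enable_s3_write_trail TRAIL LOG_BUCKET [PREFIX] [KMS_KEY_ID]
# LOG_BUCKET is the dedicated, already existing bucket from the note above.
enable_s3_write_trail() {
  trail="$1"; bucket="$2"; prefix="${3:-}"; kms="${4:-}"
  if [ -z "$trail" ] || [ -z "$bucket" ]; then
    echo "usage: enable_s3_write_trail TRAIL LOG_BUCKET [PREFIX] [KMS_KEY_ID]" >&2
    return 2
  fi
  # Steps 1-2: trail name, log bucket, optional prefix and SSE-KMS key.
  set -- --name "$trail" --s3-bucket-name "$bucket"
  if [ -n "$prefix" ]; then set -- "$@" --s3-key-prefix "$prefix"; fi
  if [ -n "$kms" ]; then set -- "$@" --kms-key-id "$kms"; fi
  aws cloudtrail create-trail "$@" >/dev/null || return 1
  # Step 3: replace the default selectors with the S3 write-only one.
  aws cloudtrail put-event-selectors --trail-name "$trail" \
    --advanced-event-selectors "$(s3_write_only_selectors)" >/dev/null || return 1
  # Unlike the console, the CLI does not start logging on create.
  aws cloudtrail start-logging --name "$trail" || return 1
  # Step 4: prints True once the trail is in Logging status.
  aws cloudtrail get-trail-status --name "$trail" --query IsLogging --output text
}
```

Call it as `enable_s3_write_trail <trail-name> <log-bucket> [prefix] [kms-key-id]` with credentials that are allowed to manage CloudTrail.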