AWS awscloudtrail documentation change
Summary
Added documentation for Amazon Bedrock session API activity logging and updated references to ARN format documentation
Security assessment
The changes add a new logging capability for Bedrock sessions and update documentation references, but there is no evidence of addressing a security vulnerability or adding security-specific features.
Diff
diff --git a/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.md index 79b224f25..d89fe3d37 100644 --- a/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.md +++ b/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.md @@ -123,0 +124 @@ Amazon Bedrock | Amazon Bedrock API activity on prompts. | **Bedrock prompt** | +Amazon Bedrock | Amazon Bedrock API activity on sessions. | **Bedrock session** | `AWS::Bedrock::Session` @@ -419 +420 @@ Selectors don't support the use of wildcards like `*` . To match multiple values - * **`resources.ARN`** \- You can use any operator with `resources.ARN`, but if you use **equals** or **does not equal** , the value must exactly match the ARN of a valid resource of the type you've specified in the template as the value of `resources.type`. For more information, see [Filtering data events by resources.ARN](./filtering-data-events.html#filtering-data-events-resourcearn). + * **`resources.ARN`** \- You can use any operator with `resources.ARN`, but if you use **equals** or **does not equal** , the value must exactly match the ARN of a valid resource of the type you've specified in the template as the value of `resources.type`. @@ -425 +426 @@ You can't use the `resources.ARN` field to filter resource types that do not hav -For more information about the ARN formats of data event resources, see [Actions, resources, and condition keys](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the _AWS Identity and Access Management User Guide_. +For more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the _Service Authorization Reference_. @@ -482 +483 @@ Selectors don't support the use of wildcards like `*` . To match multiple values - * **`resources.ARN`** \- You can use any operator with `resources.ARN`, but if you use **equals** or **does not equal** , the value must exactly match the ARN of a valid resource of the type you've specified in the template as the value of `resources.type`. For more information, see [Filtering data events by resources.ARN](./filtering-data-events.html#filtering-data-events-resourcearn). + * **`resources.ARN`** \- You can use any operator with `resources.ARN`, but if you use **equals** or **does not equal** , the value must exactly match the ARN of a valid resource of the type you've specified in the template as the value of `resources.type`. @@ -488 +489 @@ You can't use the `resources.ARN` field to filter resource types that do not hav -For more information about the ARN formats of data event resources, see [Actions, resources, and condition keys](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the _AWS Identity and Access Management User Guide_. +For more information about the ARN formats of data event resources, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the _Service Authorization Reference_.