AWS Security ChangesHomeSearch

AWS awscloudtrail documentation change

Service: awscloudtrail · 2025-05-31 · Documentation low

File: awscloudtrail/latest/userguide/query-event-data-store-config.md

Summary

Updated documentation link text from 'Tagging your AWS resources' to 'Tagging AWS resources' in tag section

Security assessment

Change only modifies link text formatting without altering security-related content about tag-based IAM policies. No security implications or vulnerability fixes indicated.

Diff

diff --git a/awscloudtrail/latest/userguide/query-event-data-store-config.md b/awscloudtrail/latest/userguide/query-event-data-store-config.md
index 8ed0eb2b5..5c365155f 100644
--- a//awscloudtrail/latest/userguide/query-event-data-store-config.md
+++ b//awscloudtrail/latest/userguide/query-event-data-store-config.md
@@ -117 +117 @@ For [organization event data stores](./cloudtrail-lake-organizations.html), Clou
-  10. (Optional) In the **Tags** section, you can add up to 50 tag key pairs to help you identify, sort, and control access to your event data store. For more information about how to use IAM policies to authorize access to an event data store based on tags, see [Examples: Denying access to create or delete event data stores based on tags](./security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-eds-tags). For more information about how you can use tags in AWS, see [Tagging your AWS resources](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html) in the _Tagging AWS Resources User Guide_.
+  10. (Optional) In the **Tags** section, you can add up to 50 tag key pairs to help you identify, sort, and control access to your event data store. For more information about how to use IAM policies to authorize access to an event data store based on tags, see [Examples: Denying access to create or delete event data stores based on tags](./security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-eds-tags). For more information about how you can use tags in AWS, see [Tagging AWS resources](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html) in the _Tagging AWS Resources User Guide_.
@@ -138,86 +137,0 @@ From this point forward, the event data store captures configuration items. Conf
-### Sample queries
-
-You can now run queries on your new event data store. The **Sample queries** tab on the CloudTrail console provides example queries to get you started. The following are a few of the sample queries that you can run against your configuration item event data store.
-
-Description | Query  
----|---  
-Find which user performed an action that resulted in a non-compliant status by joining a configuration item event data store with a CloudTrail event data store. | 
-    
-    
-    SELECT
-        element_at(config1.eventData.configuration, 'targetResourceId') as targetResourceId,
-        element_at(config1.eventData.configuration, 'complianceType') as complianceType,
-        config2.eventData.resourceType, cloudtrail.userIdentity
-    FROM
-        config_event_data_store_ID  as config1
-    JOIN
-        config_event_data_store_ID  as config2 on element_at(config1.eventData.configuration, 'targetResourceId') = config2.eventData.resourceId
-    JOIN
-        cloudtrail_event_data_store_ID  as cloudtrail on config2.eventData.arn = element_at(cloudtrail.resources, 1).arn
-    WHERE
-        element_at(config1.eventData.configuration, 'configRuleList') is not null
-    AND 
-        element_at(config1.eventData.configuration, 'complianceType') = 'NON_COMPLIANT'
-    AND 
-        cloudtrail.eventTime > '2022-11-14 00:00:00'
-    AND 
-        config2.eventData.resourceType = 'AWS::DynamoDB::Table'
-                                      
-  
-Find all AWS Config rules and return the compliance state from configuration items generated within the past day. | 
-    
-    
-    SELECT 
-        eventData.configuration, eventData.accountId, eventData.awsRegion, 
-        eventData.resourceName, eventData.resourceCreationTime, 
-        element_at(eventData.configuration,'complianceType') AS complianceType, 
-        element_at(eventData.configuration, 'configRuleList') AS configRuleList, 
-        element_at(eventData.configuration, 'resourceId') AS resourceId, 
-        element_at(eventData.configuration, 'resourceType') AS resourceType 
-    FROM 
-        config_event_data_store_ID 
-    WHERE 
-        eventData.resourceType = 'AWS::Config::ResourceCompliance' 
-    AND 
-        eventTime > '2022-11-22 00:00:00' 
-    ORDER BY 
-        eventData.resourceCreationTime 
-    DESC 
-        limit 10
-                                      
-  
-Find the total count of AWS Config resources grouped by resource type, account ID, and Region. | 
-    
-    
-    SELECT 
-        eventData.resourceType, eventData.awsRegion, eventData.accountId, 
-    COUNT (*) AS resourceCount 
-    FROM 
-        config_event_data_store_ID 
-    WHERE 
-        eventTime > '2022-11-22 00:00:00' 
-    GROUP BY 
-        eventData.resourceType, eventData.awsRegion, eventData.accountId
-                                      
-  
-Find the resource creation time for all AWS Config configuration items generated on a specific date. | 
-    
-    
-    SELECT
-        eventData.configuration, eventData.accountId, 
-        eventData.awsRegion, eventData.resourceId, 
-        eventData.resourceName, eventData.resourceType, 
-        eventData.availabilityZone, eventData.resourceCreationTime
-    FROM 
-        config_event_data_store_ID
-    WHERE 
-        eventTime > '2022-11-16 00:00:00' 
-    AND 
-        eventTime < '2022-11-17 00:00:00'  
-    ORDER BY 
-        eventData.resourceCreationTime
-    DESC 
-        limit 10;                               
-  
-For more information about creating and editing queries, see [Create or edit a query with the CloudTrail console](./query-create-edit-query.html).
-