AWS AmazonS3 documentation change
Summary
Added same DeleteObjects logging note as in other S3 files
Security assessment
Duplicate clarification of existing logging behavior without security-specific context
Diff
diff --git a/AmazonS3/latest/userguide/cloudtrail-request-identification.md b/AmazonS3/latest/userguide/cloudtrail-request-identification.md index 16bee5a25..29405c301 100644 --- a//AmazonS3/latest/userguide/cloudtrail-request-identification.md +++ b//AmazonS3/latest/userguide/cloudtrail-request-identification.md @@ -169,0 +170,4 @@ You can use your AWS CloudTrail event logs to identify Amazon S3 object access r +###### Note + +If you are logging data activity with AWS CloudTrail, the event record for an Amazon S3 `DeleteObjects` data event includes both the `DeleteObjects` event and a `DeleteObject` event for each object deleted as part of that operation. You can exclude the additional visibility about deleted objects from the event record. For more information, see [AWS CLI examples for filtering data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/filtering-data-events.html#filtering-data-events-deleteobjects) in the _AWS CloudTrail User Guide._ +