AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-06-13 · Documentation low

File: AmazonS3/latest/userguide/cloudtrail-request-identification.md

Summary

Added same DeleteObjects logging note as in other S3 files

Security assessment

Duplicate clarification of existing logging behavior without security-specific context

Diff

diff --git a/AmazonS3/latest/userguide/cloudtrail-request-identification.md b/AmazonS3/latest/userguide/cloudtrail-request-identification.md
index 16bee5a25..29405c301 100644
--- a//AmazonS3/latest/userguide/cloudtrail-request-identification.md
+++ b//AmazonS3/latest/userguide/cloudtrail-request-identification.md
@@ -169,0 +170,4 @@ You can use your AWS CloudTrail event logs to identify Amazon S3 object access r
+###### Note
+
+If you are logging data activity with AWS CloudTrail, the event record for an Amazon S3 `DeleteObjects` data event includes both the `DeleteObjects` event and a `DeleteObject` event for each object deleted as part of that operation. You can exclude the additional visibility about deleted objects from the event record. For more information, see [AWS CLI examples for filtering data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/filtering-data-events.html#filtering-data-events-deleteobjects) in the _AWS CloudTrail User Guide._
+