AWS keyspaces documentation change
Summary
Added note about CloudTrail events showing dynamodb.amazonaws.com
Security assessment
Clarifies security logging behavior but does not address vulnerabilities or introduce new security features.
Diff
diff --git a/keyspaces/latest/devguide/encryption.customermanaged.md b/keyspaces/latest/devguide/encryption.customermanaged.md index 532fce699..3f1bc95fa 100644 --- a//keyspaces/latest/devguide/encryption.customermanaged.md +++ b//keyspaces/latest/devguide/encryption.customermanaged.md @@ -286,0 +287,4 @@ The `GenerateDataKey`, `DescribeKey`, `Decrypt`, and `CreateGrant` requests are +###### Note + +When you work with Amazon Keyspaces, some operations may generate CloudTrail events with an `invokedBy` field of `dynamodb.amazonaws.com`. This is expected and occurs because Amazon Keyspaces integrates with Amazon DynamoDB to provide its service. +