AWS Security ChangesHomeSearch

AWS keyspaces documentation change

Service: keyspaces · 2025-06-28 · Documentation low

File: keyspaces/latest/devguide/encryption.customermanaged.md

Summary

Added note about CloudTrail events showing dynamodb.amazonaws.com

Security assessment

Clarifies security logging behavior but does not address vulnerabilities or introduce new security features.

Diff

diff --git a/keyspaces/latest/devguide/encryption.customermanaged.md b/keyspaces/latest/devguide/encryption.customermanaged.md
index 532fce699..3f1bc95fa 100644
--- a//keyspaces/latest/devguide/encryption.customermanaged.md
+++ b//keyspaces/latest/devguide/encryption.customermanaged.md
@@ -286,0 +287,4 @@ The `GenerateDataKey`, `DescribeKey`, `Decrypt`, and `CreateGrant` requests are
+###### Note
+
+When you work with Amazon Keyspaces, some operations may generate CloudTrail events with an `invokedBy` field of `dynamodb.amazonaws.com`. This is expected and occurs because Amazon Keyspaces integrates with Amazon DynamoDB to provide its service.
+