AWS redshift medium security documentation change
Summary
Updated CloudTrail event example with detailed identity propagation context
Security assessment
Added detailed CloudTrail event structure showing identity propagation through 'onBehalfOf' field, which helps track delegated access - critical for auditing and security monitoring
Diff
diff --git a/redshift/latest/mgmt/data-api-trusted-identity-propagation.md b/redshift/latest/mgmt/data-api-trusted-identity-propagation.md index aa56e0780..bf1ce6b61 100644 --- a//redshift/latest/mgmt/data-api-trusted-identity-propagation.md +++ b//redshift/latest/mgmt/data-api-trusted-identity-propagation.md @@ -47,7 +46,0 @@ API calls made by the IAM Identity Center user can be tracked in AWS CloudTrail. -JSON - - -**** - - - @@ -54,0 +48,16 @@ JSON + { + "eventVersion":"1.10", + "userIdentity":{ + "type":"AssumedRole", + ... + }, + "onBehalfOf":{ + "userId":"a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "identityStoreArn":"arn:aws:identitystore::123456789012:identitystore/d-9067bc44d2" + } + }, + "eventTime":"2025-01-13T04:46:27Z", + "eventSource":"redshift-data.amazonaws.com", + "eventName":"ExecuteStatement", + "awsRegion":"us-east-1" + }