Amazon EventBridge supports data plane logging to Amazon CloudTrail
Today, Amazon EventBridge announces support for logging data plane APIs using Amazon CloudTrail, enabling customers to have greater visibility into event bus activity in their Amazon Web Services account for best practices in security and operational troubleshooting. Amazon EventBridge is a serverless event bus that enables customers to build event-driven applications at scale using events from Amazon Web Services services, integrated SaaS applications, and custom sources.
Amazon CloudTrail captures API activities related to Amazon EventBridge as events, including calls from the Amazon EventBridge console and calls made programmatically using Amazon EventBridge APIs. Using the information that Amazon CloudTrail collects, you can identify a specific request to an Amazon EventBridge API, the IP address of the requester, the requester’s identity, and the date and time of the request. Logging EventBridge APIs using Amazon CloudTrail helps you enable operational and risk auditing, governance, and compliance of your Amazon Web Services account. With the introduction of data plane logging support, the EventBridge PutEvents API is now logged to Amazon CloudTrail.
To opt-in for Amazon CloudTrail logging of the above mentioned data plane APIs, you can simply configure logging on your event bus using the Amazon CloudTrail Console or by using Amazon CloudTrail APIs.
Logging data plane EventBridge APIs using Amazon CloudTrail is now available in the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD.
To learn more about logging data plane APIs using Amazon CloudTrail, see Amazon EventBridge documentation. For more information about Amazon CloudTrail, see the Amazon CloudTrail User Guide.