How can I find information about who pushed a file into a s3 bucket using cloudtrail? I am trying to use ResourceName and passing the name of the bucket, or even the full arn of the bucket, but still I don’t receive anything… I tried with multiple buckets already.
By default, cloudtrail logging for s3 object actions isn’t enabled.
It only tracks bucket level operations like create/delete/get bucket, policies, etc.
For objects, you’ve to explicitly enable logging.
Bucket properties → AWS CloudTrail data events → Configure in CloudTrail
This should help…
On what’s default: https://docs.aws.amazon.com/AmazonS3/latest/userguide/cloudtrail-logging-s3-info.html
To enable object level logging:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-cloudtrail-logging-for-s3.html
