Amazon service events - Amazon CloudTrail
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon service events

CloudTrail supports logging non-API service events. These events are created by Amazon services but are not directly triggered by a request to a public Amazon API. For these events, the eventType field is AwsServiceEvent.

The following is an example scenario of an Amazon service event when a customer managed key is automatically rotated in Amazon Key Management Service (Amazon KMS). For more information about rotating KMS keys, see Rotating KMS keys.

{ "eventVersion": "1.05", "userIdentity": { "accountId": "123456789012", "invokedBy": "AWS Internal" }, "eventTime": "2019-06-02T00:06:08Z", "eventSource": "", "eventName": "RotateKey", "awsRegion": "us-east-2", "sourceIPAddress": "AWS Internal", "userAgent": "AWS Internal", "requestParameters": null, "responseElements": null, "eventID": "234f004b-EXAMPLE", "readOnly": false, "resources": [ { "ARN": "arn:aws:kms:us-east-2:123456789012:key/7944f0ec-EXAMPLE", "accountId": "123456789012", "type": "AWS::KMS::Key" } ], "eventType": "AwsServiceEvent", "recipientAccountId": "123456789012", "serviceEventDetails": { "keyId": "7944f0ec-EXAMPLE" } }