Feature in S3 Protection
Amazon CloudTrail data events for S3
Data events, also known as data plane operations, provide insight into the resource operations performed on or within a resource. They are often high-volume activities.
- The following are examples of CloudTrail data events for S3 that GuardDuty can monitor:
-
-
GetObject
API operations -
PutObject
API operations -
ListObjects
API operations -
DeleteObject
API operations
-
When you enable GuardDuty for the first time, S3 Protection is enabled by default and is also included in the 30-day free trial period. However, this feature is optional and you can choose to enable or disable it for any account or Region at any time. For more information about configuring Amazon S3 as a feature, see GuardDuty S3 Protection.