Security event logging in Amazon Lake Formation

Amazon Lake Formation is integrated with Amazon CloudTrail, a service that provides a record of actions taken by a user, role, or an Amazon service in Lake Formation. CloudTrail captures all API calls for Lake Formation as events. The calls captured include calls from the Lake Formation console, the Amazon Command Line Interface, and code calls to the Lake Formation API operations.

For more information about event logging in Lake Formation, see Logging Amazon Lake Formation API Calls Using Amazon CloudTrail.

Note

GetTableObjects, UpdateTableObjects, and GetWorkUnitResults are high-volume data plane operations. Calls to these APIs are not currently logged to CloudTrail. For more information about data plane operations in CloudTrail, see Logging data events for trails in the Amazon CloudTrail User Guide.

Changes in Lake Formation to support additional CloudTrail events will be documented at Document history for Amazon Lake Formation.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Cross-service confused deputy prevention

Integrating with Lake Formation