Monitoring and auditing with CloudTrail - Amazon SageMaker AI
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Monitoring and auditing with CloudTrail

With trusted identity propagation enabled, Amazon CloudTrail logs include the identity information of the specific user who performed an action, rather than just the IAM role. This provides enhanced auditing capabilities for compliance and security.

To view identity information in CloudTrail logs:

  • Open the CloudTrail console.

  • Choose Event history from the left navigation pane.

  • Choose events from SageMaker AI and related services.

  • Under the Event record find onBehalfOf key. This contains the userId key and other user identification information that can be mapped to a specific IAM Identity Center user.

    See CloudTrail use cases for IAM Identity Center for more information.