Monitoring your change request events - Amazon Systems Manager
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Monitoring your change request events

After turning on integration with Amazon CloudTrail Lake and creating an event data store, you can view auditable details about the change requests that are run in your account or organization. This includes details such as the following:

  • The identity of the user that initiated the change request

  • The Amazon Web Services Regions where the changes were made

  • The source IP address for the request

  • The Amazon access key used for the request

  • The API actions run for the change request

  • The request parameters included for those actions

  • The resources updated during the process

Important

If you're using Change Manager for an organization, you can complete the following procedure while signed in to either the management account or the delegated administrator account for Change Manager.

However, to use the delegated administrator account to complete these steps, the same delegated administrator account must be specified for both CloudTrail and Change Manager.

When you sign in to the management account for Change Manager, you can add or change the delegated administrator account for CloudTrail on the CloudTrail Settings page. This must be done before the delegated administrator account can create an event data store for use by the entire organization.

To turn on CloudTrail Lake event tracking from Change Manager

  1. Open the Amazon Systems Manager console at https://console.amazonaws.cn/systems-manager/.

  2. In the navigation pane, choose Change Manager.

    -or-

    If the Amazon Systems Manager home page opens first, choose the menu icon ( The menu icon ) to open the navigation pane, and then choose Change Manager.

  3. Choose the Requests tab.

  4. Choose any existing change request, and then choose the Associated events tab.

  5. Choose Enable CloudTrail Lake.

  6. Follow the steps in Create an event data store for CloudTrail events in the Amazon CloudTrail User Guide.

    To ensure that event data for your change requests is stored, make the following selections as you complete the procedure:

    • For Event type, leave the defaults Amazon events and CloudTrail events selected.

    • If you're using Change Manager with an organization, select Enable for all accounts in my organization.

    • For Management events, do not clear the Write check box.

    Other options you choose when creating your event data store don't affect the storage of event data for your change requests.