Amazon Identity and Access Management Roles Anywhere events - Amazon EventBridge

Amazon Identity and Access Management Roles Anywhere events

IAM Roles Anywhere sends service events directly to EventBridge, as well as via Amazon CloudTrail.

IAM Roles Anywhere service events

IAM Roles Anywhere sends the following events directly to EventBridge:

  • Roles Anywhere Certificate Expiration State Change

Delivery type: Best effort

To match against all events from this service, create an event pattern that matches against the following event attribute:

  • source: aws.rolesanywhere

{ "source": ["aws.rolesanywhere"] }

To match against specific events, include a detail-type attribute specifying an array of event names to match. For example:

{ "source": ["aws.rolesanywhere"], "detail-type": ["Roles Anywhere Certificate Expiration State Change"] }

For more information, see Creating event patterns in the Amazon EventBridge User Guide.

IAM Roles Anywhere events delivered via Amazon CloudTrail

Amazon CloudTrail sends events originating from IAM Roles Anywhere to EventBridge. Amazon services deliver events to CloudTrail on a best effort basis. For more information, see Amazon service events delivered via Amazon CloudTrail in the Amazon EventBridge User Guide.

To match events from this service delivered by Amazon CloudTrail, create an event pattern that matches against the following event attributes:

  • source: aws.rolesanywhere

  • eventSource: rolesanywhere.amazonaws.com

{ "source": ["aws.rolesanywhere"], "detail-type": ["Amazon API Call via CloudTrail"], "detail": { "eventSource": ["rolesanywhere.amazonaws.com"] } }

To match against specific API calls from this service, include an eventName attribute specifying an array of API calls to match:

{ "source": ["aws.rolesanywhere"], "detail-type": ["Amazon API Call via CloudTrail"], "detail": { "eventSource": ["rolesanywhere.amazonaws.com"], "eventName": ["api-action-name"] } }
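The following is an added example, not part of the original documentation: a small offline checker that evaluates the event patterns above against sample events, so a rule can be validated before it is deployed. It implements only the subset of EventBridge matching these patterns use (arrays of exact values and nested objects). The rule names, the sample events, and the choice of CreateTrustAnchor in place of api-action-name are assumptions made for illustration.

```python
import json

def matches(pattern, event):
    """Subset of EventBridge matching: every pattern key must exist in the
    event; a list is a set of allowed exact values; a dict recurses."""
    for key, rule in pattern.items():
        if key not in event:
            return False
        value = event[key]
        if isinstance(rule, dict):
            if not isinstance(value, dict) or not matches(rule, value):
                return False
        else:
            candidates = value if isinstance(value, list) else [value]
            if not any(c in rule for c in candidates):
                return False
    return True

CT = "Amazon API Call via CloudTrail"  # detail-type exactly as written on this page
SVC = {"eventSource": ["rolesanywhere.amazonaws.com"]}

# Patterns from the page; the rule names (dict keys) are hypothetical.
PATTERNS = {
    "all-service-events": {"source": ["aws.rolesanywhere"]},
    "cert-expiration": {"source": ["aws.rolesanywhere"],
                        "detail-type": ["Roles Anywhere Certificate Expiration State Change"]},
    "cloudtrail-all": {"source": ["aws.rolesanywhere"], "detail-type": [CT], "detail": SVC},
    # "api-action-name" replaced with one API action as an example.
    "cloudtrail-trust-anchor": {"source": ["aws.rolesanywhere"], "detail-type": [CT],
                                "detail": {**SVC, "eventName": ["CreateTrustAnchor"]}},
}

# Constructed sample events (only the fields the patterns inspect).
EVENTS = {
    "expiry": {"source": "aws.rolesanywhere",
               "detail-type": "Roles Anywhere Certificate Expiration State Change",
               "detail": {}},
    "create_anchor": {"source": "aws.rolesanywhere", "detail-type": CT,
                      "detail": {"eventSource": "rolesanywhere.amazonaws.com",
                                 "eventName": "CreateTrustAnchor"}},
    "list_profiles": {"source": "aws.rolesanywhere", "detail-type": CT,
                      "detail": {"eventSource": "rolesanywhere.amazonaws.com",
                                 "eventName": "ListProfiles"}},
    "other_service": {"source": "aws.sts", "detail-type": CT,
                      "detail": {"eventSource": "sts.amazonaws.com",
                                 "eventName": "AssumeRole"}},
}

def matching_rules(event):
    """Return the sorted names of all patterns that match the event."""
    return sorted(name for name, p in PATTERNS.items() if matches(p, event))

if __name__ == "__main__":
    for name, event in EVENTS.items():
        print(name, "->", json.dumps(matching_rules(event)))
```

The source-only pattern matches both directly delivered events and CloudTrail-delivered ones, so a rule intended only for certificate expiration needs the detail-type constraint as well.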