I have created an event rule in AWS EventBridge with event pattern:
    {
      "source": [
        "aws.s3"
      ]
    }
Target is a CloudWatch log group. Now when I change something at bucket level, e.g. bucket permissions, I see an event captured in CloudWatch, but when I add/delete a file in the S3 bucket nothing happens. What is wrong here?
To log object-level events you have to enable logging of data events for S3 in your CloudTrail trail. If you don't have a trail already, you have to create one, making sure that you enable data event logging for S3.
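One way to check an existing trail for this, as an added example that is not part of the original answer: the function below takes the JSON returned by `aws cloudtrail get-event-selectors --trail-name <trail>` and reports whether object-level write events (such as adding or deleting a file) are logged for a bucket. The sample selector documents and the bucket name `example-bucket` are constructed, and the advanced-selector branch is a simplified assumption that only understands the `Equals` and `StartsWith` operators.

```python
# Constructed get-event-selectors outputs; bucket names are placeholders.
MGMT_ONLY = {"EventSelectors": [
    {"ReadWriteType": "All", "IncludeManagementEvents": True, "DataResources": []}]}
BASIC = {"EventSelectors": [
    {"ReadWriteType": "WriteOnly", "IncludeManagementEvents": True,
     "DataResources": [{"Type": "AWS::S3::Object",
                        "Values": ["arn:aws:s3:::example-bucket/"]}]}]}
READ_ONLY = {"EventSelectors": [
    {"ReadWriteType": "ReadOnly", "IncludeManagementEvents": True,
     "DataResources": [{"Type": "AWS::S3::Object", "Values": ["arn:aws:s3"]}]}]}
ADVANCED = {"AdvancedEventSelectors": [{"Name": "s3-writes", "FieldSelectors": [
    {"Field": "eventCategory", "Equals": ["Data"]},
    {"Field": "resources.type", "Equals": ["AWS::S3::Object"]},
    {"Field": "readOnly", "Equals": ["false"]},
    {"Field": "resources.ARN",
     "StartsWith": ["arn:aws:s3:::example-bucket/uploads/"]}]}]}


def _prefix_covers(prefixes, object_arn):
    # Values are ARN prefixes; "arn:aws:s3" alone covers every bucket.
    return any(object_arn.startswith(p) for p in prefixes)


def logs_s3_writes(selectors, bucket, key=""):
    """True if the trail records object-level write events for bucket/key."""
    arn = f"arn:aws:s3:::{bucket}/{key}"
    # Basic event selectors: need a write-capable selector with an S3 data resource.
    for sel in selectors.get("EventSelectors") or []:
        if sel.get("ReadWriteType", "All") not in ("All", "WriteOnly"):
            continue
        for res in sel.get("DataResources", []):
            if (res.get("Type") == "AWS::S3::Object"
                    and _prefix_covers(res.get("Values", []), arn)):
                return True
    # Advanced event selectors (assumption: only Equals / StartsWith are handled;
    # a selector using other operators is conservatively treated as not matching).
    for sel in selectors.get("AdvancedEventSelectors") or []:
        f = {fs["Field"]: fs for fs in sel.get("FieldSelectors", [])}
        if f.get("eventCategory", {}).get("Equals") != ["Data"]:
            continue
        if "AWS::S3::Object" not in f.get("resources.type", {}).get("Equals", []):
            continue
        if f.get("readOnly", {}).get("Equals") == ["true"]:
            continue
        arn_sel = f.get("resources.ARN")
        if arn_sel is None or arn in arn_sel.get("Equals", []) \
                or _prefix_covers(arn_sel.get("StartsWith", []), arn):
            return True
    return False
```

A trail that looks like `MGMT_ONLY` reproduces the behaviour in the question: bucket-level changes are recorded, object uploads and deletions are not.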