Using AWS CloudTrail data events to audit your Amazon SNS and Amazon SQS workloads
AWS Cloud Operations Blog
This article provides guidance on using AWS CloudTrail data events to audit Amazon SNS and Amazon SQS workloads for compliance purposes, such as meeting regulatory requirements related to data access and handling of sensitive information.
Specifically, the article covers:
- How to set up CloudTrail data events for Amazon SNS topics and Amazon SQS queues to audit API actions like Publish, SendMessage, etc.
- Using CloudTrail Lake to query the data events and get audit details like the IAM entity, source IP, and VPC endpoint used for the API calls
- How these data events can help meet compliance requirements around auditing access to sensitive data from regulations like GDPR, HIPAA, PCI DSS, etc.
- Example SQL queries to retrieve and analyze the data event logs for Amazon SNS and Amazon SQS
- The importance of using VPC endpoints when accessing AWS services containing sensitive data, and auditing their usage through CloudTrail
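A CloudTrail Lake query of the kind the list above describes, as an added example that is not taken from the original article. It summarizes Publish and SendMessage data events by IAM entity, source IP and VPC endpoint, and labels calls that did not arrive through a VPC endpoint. `<event_data_store_id>` is a placeholder for your own event data store ID, and the time window is a constructed value.

```sql
-- Added example (not from the AWS article).
-- <event_data_store_id> is a placeholder: substitute the ID of the CloudTrail Lake
-- event data store that collects your SNS and SQS data events.
-- The one-week time window below is a constructed sample value.
SELECT
    userIdentity.arn  AS caller_arn,       -- IAM entity that made the call
    eventSource,                           -- sns.amazonaws.com or sqs.amazonaws.com
    eventName,                             -- Publish or SendMessage
    sourceIPAddress,                       -- where the call came from
    vpcEndpointId,                         -- NULL when no VPC endpoint was used
    CASE
        WHEN vpcEndpointId IS NULL THEN 'no VPC endpoint'
        ELSE 'via VPC endpoint'
    END               AS network_path,
    COUNT(*)          AS calls,
    MIN(eventTime)    AS first_seen,
    MAX(eventTime)    AS last_seen
FROM <event_data_store_id>
WHERE eventSource IN ('sns.amazonaws.com', 'sqs.amazonaws.com')
  AND eventName   IN ('Publish', 'SendMessage')
  AND eventTime >= '2024-01-01 00:00:00'
  AND eventTime <  '2024-01-08 00:00:00'
GROUP BY
    userIdentity.arn,
    eventSource,
    eventName,
    sourceIPAddress,
    vpcEndpointId
ORDER BY calls DESC
```

Rows with `network_path = 'no VPC endpoint'` are the ones to review when policy requires sensitive topics and queues to be reached only through VPC endpoints.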