just wanted to be clear on this….Is SNS notification available for every log file delivery? or is it available for every occurrence of API call? I think the former. Please correct me if wrong
1 Answers
An SNS notification is posted to the topic only when a new file has been sent, not for each API call.
Source: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/configure-sns-notifications-for-cloudtrail.html
Also check the first Note of this link:
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/configure-cloudtrail-to-send-notifications.html
If you want to react on a particular call (let’s say S3 mb call), you can create a CloudWatch Alarm for the specific CloudTrail event. More details here: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudwatch-alarms-for-cloudtrail.html
Hope that helps.
thanks!