Amazon EventBridge Event Bus allows customers to audit and monitor the actions in their AWS environments through events that are generated by AWS CloudTrail for API calls. Previously, only mutating API calls (for example: Create, Update, or Delete) were available in EventBridge. With support for read-only API events (for example: List, Get or Describe), customers will be able to receive and process the full suite of CloudTrail events from services that are integrated with EventBridge.
With read-only API events, you can now build rich event-driven responses from any action taken on AWS infrastructure without having to poll a batch of log files to detect threats in real-time. For example, you can be alerted if a production account lists or enumerates resources from an IP address outside of your VPC. These events are opt-in and you need to update your rule state via the PutRule API to start receiving these events. If you have event patterns that match these events, your downstream services will start processing these additional events.
Support for read-only management events is free for customers and is now available in the AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions. To learn more, please visit blog post and documentation.
Source:: Amazon AWS