- Más nuevo
- Más votos
- Más comentarios
You are correct that some AWS services have control planes located in specific regions, and the global service logs for those services are created in the region where the control plane is located.
For example, IAM has a control plane located in the US East (N. Virginia) region, and the global service logs for IAM are created in that region. Similarly, Route 53 has a control plane located in the US East (N. Virginia) region, and the global service logs for Route 53 are also created in that region.
When you use a service like CloudTrail to collect events across your organization's accounts, the global service logs for services with control planes in US East (N. Virginia) will be created in that region, even if the data plane events are created in other regions.
It's worth noting that not all AWS services have control planes located in US East (N. Virginia), so the global service logs for those services may be created in different regions. Additionally, some services may have multiple control planes located in different regions, so the global service logs for those services may be created in multiple regions.
There really isn't much more to it. Global services like IAM & Route53, due to their nature, do not have independent control and or data planes in every region [1], so those CloudTrail Events for those services will reflect that.
Contenido relevante
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 3 años
Is this documented somewhere? It would be really useful for me to have a clearly documented source?