EventBridge rules to distinguish S3 PutObject from original upload vs S3 PutObject as a result of CRR?

To ensure AWS EventBridge only processes original PutObject events from S3 and not those generated by Cross Region Replication (CRR):

1. Event Source and Pattern:

   • Configure EventBridge to listen for s3:ObjectCreated events.
   • Use an event pattern to filter events based on the x-amz-replication-status header.

2. Event Pattern Detail:

   • The pattern should match PutObject events where x-amz-replication-status is not REPLICA.
   • Example event pattern:

     {
       "source": ["aws.s3"],
       "detail-type": ["AWS API Call via CloudTrail"],
       "detail": {
         "eventSource": ["s3.amazonaws.com"],
         "eventName": ["PutObject"],
         "requestParameters": {
           "bucketName": ["YOUR_BUCKET_NAME"]
         },
         "additionalEventData": {
           "x-amz-replication-status": [{"anything-but": ["REPLICA"]}]
         }
       }
     }

3. Action:

   • Set the rule to invoke a Lambda function or another action for events matching the pattern.
   • This ensures only original PutObject events are processed, avoiding duplication from CRR-generated events.

Hello - thanks for the reply. However I'm unable to use the CloudTrail event for my EventBridge rules. I can only receive S3 events:

{
  "source": ["aws.s3"],
  "detail-type": ["Object Created"],
  "detail": {
    "eventName": ["PutObject"],

While s3 events works perfectly for direct uploads PutObject calls - its also pulling in events for Cross Region Replication PutObject calls. How can I used regular S3 notification based pattern matching (not Cloudtrail event) to filter out CRR PutObject calls?