Just to clarify, are you trying to know if access denied errors in Cloudtrail are on the users of the same account where KMS keys were created, or, through another account? If another account, it would probably be in the cloudtrail of the other account.
What is the test scenario look like? Account 1: KMS key Account 2: User trying to access the KMS key in account 1?
Can KMS Multi-Region Keys be used outside the provisioned account?asked a year ago
KMS policy for cross account cloudtrailasked 4 months ago
Minimal KMS permissions to copy a database snapshotasked 5 years ago
Cross Account Copy S3 Objects From Account B to AWS KMS-encrypted bucket in Account Aasked 8 months ago
why does the whisper action on the polly console only work for the Mathew voice?asked 5 months ago
Lightsail and KMSAccepted Answerasked 14 days ago
Why does cloudtrail not include AccessDeniedExceptions for KMS actions?asked 16 days ago
Why can S3 access the KMS key resource under my account?Accepted Answerasked 4 months ago
KMS cost in my AWS Free Tierasked 2 years ago
AWS KMS: Receiving a ThrottlingExceptions error when making requests to AWS KMSasked 5 months ago