I plan to create a trail in Cloudtrail to capture all data events for a dynamodb table. But it doesn't allow me to select a single dynamodb table. It is greyed out in below screenshot. Is there a way to only capture one single table rather than all tables?
You have to switch to advanced mode. Then you can specify custom event pattern in json, e.g.:
[
{
"name": "",
"fieldSelectors": [
{
"field": "eventCategory",
"equals": [
"Data"
]
},
{
"field": "resources.type",
"equals": [
"AWS::DynamoDB::Table"
]
},
{
"field": "resources.ARN",
"equals": [
"<ARN-OF-TABLE>"
]
}
]
}
]
