Notify user when they are added or removed from aws sso groups

Question

I am trying to publish two specific cloudtrail events in s3

Event names: AddMemberToGroup RemoveMemberFromGroup

I am unable to find options to just store these two event logs in s3 buxket. Both logs and s3 bucket are in same account. Later I will use these events from s3 as trigger to lambda function which will extract member_id and group_id from the log. The member_id will be mapped to actual email id and email will be sent via sns. Please help me to create a trail with only 2 events which can be published to s3.

Answer 1

I'm not sure that you can create a trail which only sends those events. I think you have to have the trail send all events, and do the filtering in the lambda (which is bad because you'll trigger a lot of unnecessary lambda invocations. :( )