This is a dedicated watch page for a single video.
The security team at a retail company utilizes Amazon EventBridge to monitor Amazon S3 objects, aiming to detect public access and any other changes in S3 bucket policies/settings that result in public access. They configure EventBridge to watch specific CloudTrail API calls (s3:PutObjectAcl, s3:DeleteBucketPolicy, and s3:PutBucketPolicy) and use Amazon SNS for immediate email notifications. However, during development, the team finds that s3:PutObjectAcl doesn't trigger an EventBridge event, while the other two do. CloudTrail for AWS management events is enabled with a basic configuration in the relevant region, and EventBridge pattern verification is correct. The team needs a solution to ensure s3:PutObjectAcl triggers an EventBridge event without generating false notifications. What is the appropriate solution for this scenario?