Skip to content

CloudTrail

Overview

In this lab, you'll inspect AWS CloudTrail to identify which API calls were made through the MCP Server. You'll discover the CalledViaAWSMCP marker in event data, which lets you distinguish agent-driven actions from human actions — a critical capability for auditing and governance.

What You'll Learn

  • How to query CloudTrail for recent API events made by your agent
  • How to identify MCP Server-originated calls using the CalledViaAWSMCP condition
  • How this marker enables governance policies and automated auditing

Instructions

Explore

Try to accomplish this goal using your agent. Here are some hints if you get stuck:

  1. Ask your agent to look up recent CloudTrail events from the last hour in your account
  2. Have it filter for events that contain "MCP" or "CalledViaAWSMCP" in the event data
  3. Ask it to explain what the CalledViaAWSMCP field means and how it could be used in IAM policies
Step-by-step Walkthrough
  1. Ask your agent to query CloudTrail for recent events:

Look at CloudTrail events from the last 2 hours and identify which ones were made through the MCP Server. Look for the CalledViaAWSMCP marker in the additionalEventData field.

  1. Your agent will call LookupEvents through the MCP Server. It should find events from your earlier labs (S3 operations, EC2 launch, security group creation) that include the MCP marker.

  2. Ask your agent to summarize what it found:

Summarize the MCP-originated events: how many were there, what API actions were called, and what resources were affected?

  1. Ask your agent about the governance implications:

How could I use the CalledViaAWSMCP condition key in an IAM policy? Show me an example policy that only allows S3 delete operations when NOT called via the MCP Server.

  1. Your agent should explain that aws:CalledViaAWSMCP is a condition key you can use in IAM policies to control what actions agents can perform, separate from what humans can do directly.

Validation

Open the CloudWatch Dashboard in the AWS Console. The Module 3 widget checks:

  • ✅ CloudTrail contains at least 1 event with additionalEventData containing CalledViaAWSMCP

This should already pass from the API calls you made in Labs 1–3 of this module.

You can also verify directly:

Check CloudTrail for any events in the last 3 hours that have CalledViaAWSMCP in their additionalEventData.

Agent-Specific Tips

Claude Code can query CloudTrail directly through the MCP Server. For better results, ask it to filter specifically:

Look at CloudTrail events from today and show me only those with CalledViaAWSMCP in additionalEventData. Show the event name, time, and source IP for each.

Kiro can use the MCP tools to query CloudTrail. If the response is large, ask Kiro to summarize:

Query CloudTrail for MCP-originated events and give me a concise table showing event name, timestamp, and affected resource.

Cursor can query CloudTrail through the MCP Server. If it returns too many events, narrow the scope:

Show me only S3 and EC2 CloudTrail events from the last 2 hours that were called via the MCP Server.

Codex can look up CloudTrail events through the MCP Server. Ask it to explain the governance use case:

Find CalledViaAWSMCP events in CloudTrail and then explain how I'd write an IAM policy that restricts agent actions differently from human actions.