Amazon Web Service CloudTrail allows option to add Amazon S3 bucket to the Data events

Amazon Web Service CloudTrail enables you to automatically add existing and new Amazon S3 buckets to the S3 Data events. The Simple Storage Service Data Events enable you to capture the API actions on the Amazon S3 objects and accept the detailed information as the IAM user role, IP address of the caller, AWS account, time of the API call and other details. Earlier you had to manually add individual Amazon S3 buckets in the account to record S3 objects-level operations and to repeat the procedure for each new Amazon S3 bucket. With this new update, you can now automatically log S3 Data Events for all existing and new S3 buckets with just a few clicks. This guarantees that all the Amazon S3 object level API activity in the account is recorded to help the data exfiltration and the S3 object usage analysis.