sample cloudtrail entry when access is denied for PutObject

cloudtrail-PutObject-denied.json

{
      "eventVersion": "1.08",
      "userIdentity": {
        "type": "IAMUser",
        [...]
      },
      "eventTime": "2021-08-12T05:06:27Z",
      "eventSource": "s3.amazonaws.com",
      "eventName": "PutObject",
      "awsRegion": "ap-southeast-2",
      "sourceIPAddress": "10.1.1.2",
      "userAgent": "[aws-cli/1.16.113 Python/3.7.3 Linux/4.14.219-161.340.amzn2.x86_64 botocore/1.12.103]",
      "errorCode": "AccessDenied",
      "errorMessage": "Access Denied",
      "requestParameters": {
        "bucketName": "mybucket",
        "x-amz-server-side-encryption-aws-kms-key-id": "arn:aws:kms:ap-southeast-2:xxx:key/xxxxx-xxxx-xxxx-xxxx-xxxxxx",
        "Host": "mybucket.s3.ap-southeast-2.amazonaws.com",
        "x-amz-server-side-encryption": "aws:kms",
        "key": "mykey/test.py"
      },
      "responseElements": null,
      "additionalEventData": {
          [...]
      },
      "requestID": "xxxxx",
      "eventID": "xxxxx",
      "readOnly": false,
      "resources": [
        {
          "type": "AWS::S3::Object",
          "ARN": "arn:aws:s3:::mybucket/mykey/test.py"
        },
        {
          "accountId": "9999999999",
          "type": "AWS::S3::Bucket",
          "ARN": "arn:aws:s3:::mybucket"
        }
      ],
      "eventType": "AwsApiCall",
      "managementEvent": false,
      "recipientAccountId": "9999999999",
      "vpcEndpointId": "vpce-08aaaaaa",
      "eventCategory": "Data"
    }