Set up the cloudtrail integration.
Ensure that an AWS CloudTrail trail has global service events enabled.
Easily troubleshoot security issues for global services that aren’t region-specific.
By default, trail logs created in the CloudTrail console log global service events. For more information, see the About global service events docs.
aws cloudtrail describe-trails
update-trail on any returned trail name above to include-global-service-events.
aws cloudtrail update-trail --name GlobalTrailName --include-global-service-events