find GetAccountPasswordPolicy events in AWS CloudTrail logs. Exclude service-to-service events

def get_password_policy_events(events):
  events_of_interest = []
  for event in events:
    if event['EventName'] == "GetAccountPasswordPolicy" or event['EventName'] == "UpdateAccountPasswordPolicy" or event['EventName'] == "PutAccountPasswordPolicy":
      if 'userIdentity' in event and 'service' not in event['userIdentity']:
        events_of_interest.append(event)
  return events_of_interest