You need to map the top-level field requestParameters as a flattened field, this way the entire json object of this field will be stored.
This is how elastic do that with the Cloudtrail integration.
They also copy the object field to another field to also keep the field as a string.
You can check how the ingest pipeline process the logs here.
Are you using logstash? I have a filter for the 4 fields in cloudtrail logs that are dynamic, maybe you can adapt it for your use case.