Within this chapter, we focused on Amazon S3, VPC Flow Logs, AWS CloudTrail, and Amazon CloudWatch, all of which provided logging capabilities. We looked at how these are configured to capture log data to allow you to analyze them for suspicious activity.Â
An integral part of building a secure infrastructure is being able to collate and retrieve logs as and when required to help you identify the source of a threat even before it has happened. If you want to become an AWS security specialist, then take the time to investigate and understand which of the AWS services provide logs and how you can manage and monitor them to give you insight into your environment.
In the next chapter, I will be focusing on AWS auditing and governance and some of the services used to implement these measures, such as AWS Artifact, AWS CloudTrail, AWS Config, and Amazon Macie.