In this section, we'll take a deep dive into the different methods of logging that are available when working with AWS. We'll cover the importance of logging and some of the different services and features that offer logging capabilities. You will learn how to implement S3 Server access logs, configure VPC Flow Logs and Traffic Mirroring, learn how AWS CloudTrail Logs are captured and what they capture, and how to configure the CloudWatch Logging Agent.

Following this, you will be exposed to the world of cloud auditing and governance. We'll look at why audits take place and what you can do within AWS to maintain compliance with different governance controls. We'll also look at a number of different services that will be invaluable when it comes to providing evidence during an audit and how to configure services to ensure your solutions maintain a set level of compliance.

By the end of this section, you will be able to confidently plan for and approach an audit to meet any compliance required.

This section comprises the following chapters:

• Chapter 12, Implementing Logging Mechanisms
• Chapter 13, Auditing and Governance