Verified Access logs
After AWS Verified Access evaluates each access request, it logs all access attempts. This provides you with centralized visibility into application access, and helps you quickly respond to security incidents and audit requests. Verified Access supports the Open Cybersecurity Schema Framework (OCSF) logging format.
When you enable logging, you must configure a destination to send the logs to. The IAM principal used to configure the logging destination needs certain permissions for logging to work properly. The required IAM permissions for each logging destination are listed in the Verified Access logging permissions section. Verified Access supports the following destinations for publishing access logs:
- Amazon CloudWatch Logs log groups
- Amazon S3 buckets
- Amazon Data Firehose delivery streams
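
The destination configuration described above, as an added example (not code from AWS): it builds the `AccessLogs` parameter that the EC2 `ModifyVerifiedAccessInstanceLoggingConfiguration` API accepts for the three destinations. The helper names, instance ID, log group, bucket and stream names are constructed placeholders.

```python
"""Build the AccessLogs parameter for Verified Access instance logging."""


def build_access_logs(log_group=None, bucket=None, bucket_prefix=None,
                      firehose_stream=None):
    """Return an AccessLogs dict; a destination is enabled only when named.

    Destinations left unnamed are sent as Enabled=False, so applying the
    result turns off any of them that was previously switched on.
    """
    if not any((log_group, bucket, firehose_stream)):
        raise ValueError("configure at least one logging destination")
    if bucket_prefix and not bucket:
        raise ValueError("bucket_prefix given without bucket")

    s3 = {"Enabled": bool(bucket)}
    if bucket:
        s3["BucketName"] = bucket
        if bucket_prefix:
            s3["Prefix"] = bucket_prefix

    cloudwatch = {"Enabled": bool(log_group)}
    if log_group:
        cloudwatch["LogGroup"] = log_group

    firehose = {"Enabled": bool(firehose_stream)}
    if firehose_stream:
        firehose["DeliveryStream"] = firehose_stream

    return {"S3": s3, "CloudWatchLogs": cloudwatch,
            "KinesisDataFirehose": firehose}


def apply_logging(instance_id, access_logs, region=None):
    """Send the configuration; the caller needs the IAM permissions
    required for each enabled destination."""
    import boto3  # imported lazily so the builder works without the SDK
    ec2 = boto3.client("ec2", region_name=region)
    return ec2.modify_verified_access_instance_logging_configuration(
        VerifiedAccessInstanceId=instance_id, AccessLogs=access_logs)


if __name__ == "__main__":
    import json
    # Constructed placeholder names, not real resources.
    print(json.dumps(build_access_logs(log_group="/example/verified-access",
                                       bucket="example-va-logs",
                                       bucket_prefix="access"), indent=2))
```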