- Create a new S3 bucket for storing the log files: greeter-audit-trail-bucket.
- Leave the prefix field blank. Applying a prefix just prepends the value supplied to each log file.
- Choose to proceed with S3 Server-Side Encryption (SSE), which is the default.
- Choose to validate every log file when it is delivered, to detect tampering.
- Choose a Simple Notification Service (SNS) notification, to be triggered upon every log file delivery. For this, choose to create a new topic named greeter-audit-trail-notification-topic, to have the message published to.
- Do not choose to integrate CloudWatch just yet.
Configuring ...