can you please write up an outline of what AWS services you would need to access and report on to do a security audit.

The list depends on yours company risk appetite and delivery governance/compliance processes, but typically you should look into:

• Cloudtrail
• AWS Config
• AWS artifacts
• AWS Audit Manager

Check this out: https://aws.amazon.com/cloudops/compliance-and-auditing/?whats-new-cards.sort-by=item.additionalFields.postDateTime&whats-new-cards.sort-order=desc&blog-posts-cards.sort-by=item.additionalFields.createdDate&blog-posts-cards.sort-order=desc.

My Friend, The major services required for Security Audit are 1. CloudTrail (Certralized/ Account wise) 2. GuardDuty (if enabled) 3. ELB Access Logs in the S3 bucket 4. WAF Logs in the S3 Bucket 5. If any other Security Services are integrated, those details will be required. Based on the kind of Audit you are doing the requirement will change. But most commonly these services are required.

Hi, 2 pointers for you:

• Recommendation for security audit on your AWS infrastructure: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-audit-guide.html
• Security Pillar of Well-Architected Framework: https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/welcome.html

If you apply those documents to your specific context, you'll be able to define the proper form of a security audit for your system

Hope it helps

Didier