Auditing
Marketplace Central
Marketplace Central provides auditability across the solution using AWS-native logging, monitoring, and compliance tools. Activity logs are collected across the entire stack—including authentication, business logic, orchestration, data access, and storage—to support customer audit and compliance requirements.
AWS Service Logging
Amazon Cognito
Authentication and authorization events—such as user sign-ins, token refreshes, and federated identity access—are logged through AWS CloudTrail, enabling traceability of identity events and user sessions.
AWS Lambda
All Lambda function invocations, including business logic execution and data processing, are logged to Amazon CloudWatch Logs. Function invocation metadata, API calls made by functions, and errors are also captured in CloudTrail.
Amazon S3 (for web hosting)
Static web content access and object-level interactions are logged via S3 Server Access Logs or CloudTrail Data Events, providing visibility into frontend usage patterns.
Amazon EventBridge
Events published to or routed through EventBridge are tracked in CloudTrail, providing insight into event-based workflows, system integration points, and automation triggers.
Amazon DynamoDB
All reads, writes, updates, and deletes on DynamoDB tables used for application data are auditable through CloudTrail Data Events (if enabled). This captures the full lifecycle of data access patterns.
Additionally, DynamoDB Streams can be used to monitor real-time changes to data for audit trails or downstream processing.
Centralized Logging and Audit Readiness
To support customer audit and compliance needs, the solution integrates the following centralized logging tools:
- AWS CloudTrail: Captures all control-plane and (where enabled) data-plane API calls across services. Trails can be configured for multi-account logging with delivery to Amazon S3, encrypted using AWS KMS, and analyzed via Athena, OpenSearch, or third-party SIEM tools.
- Amazon CloudWatch Logs and Metrics: Provide real-time operational visibility into application performance, execution paths, and anomalies.
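Because the DynamoDB and S3 object-level logging above depends on CloudTrail data events being enabled, and log delivery depends on the trail's S3 and KMS settings, an auditor can check an exported trail configuration for those gaps. The following is an added example, not part of Marketplace Central or its documentation: the input shapes follow the output of `aws cloudtrail describe-trails` and `aws cloudtrail get-event-selectors`, the function names are hypothetical, and the trail name, bucket name and selector values are constructed.

```python
# Added example: audit-readiness check over CloudTrail configuration JSON.
# Input shapes follow `aws cloudtrail describe-trails` and
# `aws cloudtrail get-event-selectors`; the sample values are constructed.

REQUIRED_DATA_TYPES = {"AWS::DynamoDB::Table", "AWS::S3::Object"}

def data_event_types(selectors):
    """Return the resource types for which data events are logged."""
    found = set()
    # Basic event selectors list resource types under DataResources.
    for sel in selectors.get("EventSelectors") or []:
        for res in sel.get("DataResources") or []:
            if res.get("Values"):
                found.add(res["Type"])
    # Advanced selectors express the same thing as field conditions.
    for sel in selectors.get("AdvancedEventSelectors") or []:
        fields = {f["Field"]: f.get("Equals") or [] for f in sel["FieldSelectors"]}
        if "Data" in fields.get("eventCategory", []):
            found.update(fields.get("resources.type", []))
    return found

def audit_gaps(trail, selectors):
    """List gaps between a trail's settings and the logging described above."""
    gaps = []
    if not trail.get("S3BucketName"):
        gaps.append("no S3 delivery bucket")
    if not trail.get("KmsKeyId"):
        gaps.append("log files not encrypted with a KMS key")
    for rtype in sorted(REQUIRED_DATA_TYPES - data_event_types(selectors)):
        gaps.append(f"data events not enabled for {rtype}")
    return gaps

# Constructed sample: KMS key missing, DynamoDB data events on, S3 data events off.
SAMPLE_TRAIL = {"Name": "example-trail", "S3BucketName": "example-audit-logs",
                "IsMultiRegionTrail": True}
SAMPLE_SELECTORS = {"AdvancedEventSelectors": [{
    "Name": "dynamodb-data",
    "FieldSelectors": [
        {"Field": "eventCategory", "Equals": ["Data"]},
        {"Field": "resources.type", "Equals": ["AWS::DynamoDB::Table"]},
    ]}]}

if __name__ == "__main__":
    for gap in audit_gaps(SAMPLE_TRAIL, SAMPLE_SELECTORS):
        print("GAP:", gap)
```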