In a cloud model, the security of the environment and compliance becomes the responsibility of both the end users and the cloud provider. This is what we call the shared responsibility model in which every part of the cloud, including the hardware, data, configurations, access rights, and operating system, are protected.
Ansible’s CloudTrail module is used to leverage the various features of the CloudTrail service to monitor and audit user activities and API calls in the AWS environment.
This S3 bucket can be passed to the CloudTrail module, which will be used as the destination for the trail-generated logs.
CloudTrail logs are collected to verify the compliance and security of the AWS environment.