The Stax Identity Service manages and monitors access to Stax and, in most cases, Stax-managed AWS accounts. Monitor the service and its logs to keep up to date with activity in your Stax tenancy. The service has logging and protections in place to protect its own integrity and allow administrators to review its activity.
When users authenticate to Stax-managed AWS accounts using the Stax Identity Service, audit information is recorded in the logging account.
Web Application Firewall (WAF) Logs
The Stax Identity Service is protected by AWS Web Application Firewall (WAF). WAF is a security control that helps ensure that your access to Stax remains secure, reliable and highly available. Logs from the WAF protecting your Identity Service are sent to an S3 bucket in your security account labelled stax-idam-waflogs-<security_account_aws_account_id>.