I am trying to set up logging for my AWS S3 buckets.
I ran accross this AWS Config rule s3-bucket-logging-enabled. The logs here are server access logs.
From the CIS AWS Foundations 1.5.0 I also need to set up object-level logging for read events.
I found this in S3 doc about logging options. I just can't get my head around this. Can anyone help me understand if server access logs and object-level logs are different or the same and what service I must use between S3 server logs, CloudTrail and Cloudwatch.
I am also not sure about what log type does the Config rule check.
Thank you for your time