You should configure CloudFront Access Logging to create log files that contain detailed information about every user request that CloudFront receives
Logging provides vital information about access and usage
Enable logging for CloudFront distributions
The following example will fail the aws-cloudfront-enable-logging check.
The following example will pass the aws-cloudfront-enable-logging check.