A security team is responsible for reviewing AWS API call activity in the cloud environment for security violations. These events must be recorded and retained ...

A security team is responsible for reviewing AWS API call activity in the cloud environment for security violations. These events must be recorded and retained in a centralized __cpLocation for both current and future AWS regions.
What is the SIMPLEST way to meet these requirements?