There is an external audit being carried out on your company.
The IT auditor needs to have a log of 'who made the requests' to the AWS resources in the company's account.
Which of the below services can assist in providing these details?
A. AWS CloudWatch
B. AWS CloudTrail
C. AWS EC2
D. AWS SNS
Answer - B.
Using CloudTrail, one can monitor all the API activity conducted on all AWS services.
The AWS Documentation additionally mentions the following.
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account.
With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.
CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services.
This event history simplifies security analysis, resource change tracking, and troubleshooting.
For more information on AWS CloudTrail, please refer to the below URL:
https://aws.amazon.com/cloudtrail/
The service that can assist in providing details about who made the requests to the AWS resources in the company's account is AWS CloudTrail (Option B).
AWS CloudTrail is a web service that records the AWS API calls made in an account and delivers log files containing those calls to an Amazon S3 bucket or a CloudWatch Logs log group. CloudTrail logs are very useful in auditing, compliance, and security scenarios. CloudTrail records the API calls made by users, roles, or services within the account, and each record identifies the entity that made the call (the userIdentity), the time the call was made, the source IP address, and the parameters used in the API call.
In this scenario, the IT auditor needs a log of who made the requests to the AWS resources in the company's account. By enabling CloudTrail, the auditor can get this information. CloudTrail logs will capture the API requests made to AWS resources in the company's account and record the identity of the entity that made each request. The logs can then be analyzed to identify who made which request to which AWS resource.
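To show what "analyzing the logs to identify who made the request" looks like in practice, here is an added example (not code from the original page or from AWS). It parses a constructed CloudTrail log file in the standard "Records" envelope and reduces each record to the audit view an external auditor asks for: who (from userIdentity), when (eventTime), what (eventSource and eventName), from where (sourceIPAddress), and whether the call was refused (errorCode). The sample records, account ID, ARNs and IP addresses are all invented for the example; the field names are the ones CloudTrail actually emits.

```python
import json
from collections import defaultdict

# Constructed sample CloudTrail log file (invented account, ARNs and IPs).
# Real trails deliver gzipped JSON files with this "Records" envelope to S3.
SAMPLE_TRAIL = json.dumps({"Records": [
    {"eventVersion": "1.08", "eventTime": "2024-01-15T10:00:00Z",
     "eventSource": "ec2.amazonaws.com", "eventName": "TerminateInstances",
     "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "accountId": "123456789012",
                      "arn": "arn:aws:iam::123456789012:user/alice",
                      "userName": "alice"},
     "requestParameters": {"instancesSet": {"items": [{"instanceId": "i-0123456789abcdef0"}]}}},
    {"eventVersion": "1.08", "eventTime": "2024-01-15T10:05:00Z",
     "eventSource": "s3.amazonaws.com", "eventName": "PutBucketPolicy",
     "awsRegion": "us-east-1", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "AssumedRole", "accountId": "123456789012",
                      "arn": "arn:aws:sts::123456789012:assumed-role/DeployRole/ci-build-42",
                      "sessionContext": {"sessionIssuer": {"type": "Role", "userName": "DeployRole",
                                                           "arn": "arn:aws:iam::123456789012:role/DeployRole"}}},
     "requestParameters": {"bucketName": "example-bucket"}},
    {"eventVersion": "1.08", "eventTime": "2024-01-15T11:00:00Z",
     "eventSource": "iam.amazonaws.com", "eventName": "CreateUser",
     "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.55",
     "userIdentity": {"type": "Root", "accountId": "123456789012",
                      "arn": "arn:aws:iam::123456789012:root"},
     "requestParameters": {"userName": "bob"}},
    {"eventVersion": "1.08", "eventTime": "2024-01-15T11:30:00Z",
     "eventSource": "iam.amazonaws.com", "eventName": "DeleteUser",
     "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.10",
     "errorCode": "AccessDenied",
     "userIdentity": {"type": "IAMUser", "accountId": "123456789012",
                      "arn": "arn:aws:iam::123456789012:user/alice",
                      "userName": "alice"},
     "requestParameters": {"userName": "bob"}},
]})


def principal_of(identity: dict) -> str:
    """Return a readable 'who' for a CloudTrail userIdentity block.

    IAM users carry userName directly; assumed-role sessions name the role
    under sessionContext.sessionIssuer (the session ARN alone only gives the
    session name); the root user has no userName at all.
    """
    kind = identity.get("type", "Unknown")
    if kind == "IAMUser":
        return f"user/{identity.get('userName', '?')}"
    if kind == "AssumedRole":
        issuer = identity.get("sessionContext", {}).get("sessionIssuer", {})
        session = identity.get("arn", "").rsplit("/", 1)[-1]
        return f"role/{issuer.get('userName', '?')} (session {session})"
    if kind == "Root":
        return f"root@{identity.get('accountId', '?')}"
    # AWSService, FederatedUser, etc.: fall back to the ARN or the type.
    return identity.get("arn") or kind


def parse_trail(text: str) -> list[dict]:
    """Flatten one CloudTrail log file into audit rows: who, when, what, from where."""
    rows = []
    for rec in json.loads(text)["Records"]:
        rows.append({
            "who": principal_of(rec.get("userIdentity", {})),
            "when": rec["eventTime"],
            "service": rec["eventSource"].split(".")[0],
            "action": rec["eventName"],
            "source_ip": rec.get("sourceIPAddress", ""),
            "params": rec.get("requestParameters", {}),
            # A populated errorCode means the call was attempted but refused.
            "denied": "errorCode" in rec,
        })
    return rows


def requests_by_principal(rows: list[dict]) -> dict[str, list[str]]:
    """Group 'service:action' strings per principal, the view an auditor asks for."""
    by_who: dict[str, list[str]] = defaultdict(list)
    for r in rows:
        tag = f"{r['service']}:{r['action']}" + (" [DENIED]" if r["denied"] else "")
        by_who[r["who"]].append(tag)
    return dict(by_who)


if __name__ == "__main__":
    for who, actions in requests_by_principal(parse_trail(SAMPLE_TRAIL)).items():
        print(f"{who}: {', '.join(actions)}")
```

The one design point worth noting is principal_of: for an assumed-role session the ARN in userIdentity.arn names the session, not the human or pipeline that assumed the role, so the role itself has to be read from sessionContext.sessionIssuer. Denied calls are kept rather than dropped, because an auditor usually wants to see attempted as well as successful access.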
AWS CloudWatch (Option A) is a monitoring service that provides metrics and logs about AWS resources and applications. It can also provide alerts and notifications when thresholds are reached. However, CloudWatch is not specifically designed for tracking API calls or logging who made those calls.
AWS EC2 (Option C) is a web service that provides resizable compute capacity in the cloud. It is a service for launching and managing virtual machines. It does not provide any logging or monitoring capabilities for API calls or users.
AWS SNS (Option D) is a messaging service that enables message delivery to a variety of endpoints including email, SMS, mobile push, and HTTP endpoints. It is not designed for logging or monitoring API calls or users.
Therefore, the correct option is B - AWS CloudTrail.