You are developing a set of Lambda functions for your application.
The company mandates that all API calls to Lambda functions be recorded.
Which of the below service can help achieve this?
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - B.
The AWS Documentation mentions the following.
AWS Lambda is integrated with AWS CloudTrail, a service that captures API calls made by or on behalf of AWS Lambda in your AWS account and delivers the log files to an Amazon S3 bucket that you specify.
CloudTrail captures API calls made from the AWS Lambda console or from the AWS Lambda API.
Using the information collected by CloudTrail, you can determine what request was made to AWS Lambda, the source IP address from which the request was made, who made the request, when it was made, and so on.
Option A is incorrect since this can only give information on the logs from Cloudwatch but not who called the Lambda function itself.
Option C is incorrect since this is used for logging network traffic to the VPC.Option D is incorrect since this cannot give API logging information.
For more information on using Cloudtrail, please refer to the below URL-
https://docs.aws.amazon.com/lambda/latest/dg/logging-using-cloudtrail.htmlThe correct answer to the question is B. AWS CloudTrail.
AWS CloudTrail is a service that helps in recording all the API calls made to other AWS services within your AWS account. It provides a complete history of all the API calls made to your account, including who made the call, when they made it, and what actions were performed. CloudTrail logs are stored in an S3 bucket, where they can be retrieved and analyzed later.
AWS Cloudwatch is a service that helps in monitoring AWS resources and applications that run on AWS. It provides a comprehensive view of the performance and operational health of your resources, but it does not record all the API calls made to your AWS account.
AWS VPC Flow Logs is a service that helps in capturing information about the IP traffic going to and from network interfaces in your VPC. It records details such as source and destination IP addresses, ports, and protocols. However, it does not record API calls made to AWS services.
AWS Trusted Advisor is a service that helps in optimizing your AWS infrastructure by providing best practices and recommendations. However, it does not record API calls made to AWS services.
Therefore, the correct answer is B. AWS CloudTrail.