Answer-first summary for fast verification
Answer: Use AWS CloudTrail to get a record of actions taken by a user
AWS Systems Manager Parameter Store provides secure, hierarchical storage for configuration data management and secrets management. You can store data such as passwords, database strings, Amazon Machine Image (AMI) IDs, and license codes as parameter values. You can store values as plain text or encrypted data. AWS CloudTrail provides a record of actions taken by a user, role, or an AWS service in Systems Manager. Using the information collected by AWS CloudTrail, you can determine the request that was made to Systems Manager, the IP address from which the request was made, who made the request, when it was made, and additional details.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company utilizes the AWS Systems Manager (SSM) Parameter Store to store sensitive application secrets. Recently, your internal audit team has requested a detailed report to identify who has accessed or made API calls against the SSM Parameter Store, as well as the corresponding timestamps of these actions.
Which of the following solutions can you use to generate this report?
A
Use SSM Parameter Store Access Logs in S3 to get a record of actions taken by a user
B
Use AWS CloudTrail to get a record of actions taken by a user
C
Use SSM Parameter Store List feature to get a record of actions taken by a user
D
Use SSM Parameter Store Access Logs in CloudWatch Logs to get a record of actions taken by a user