A company has a new security policy. The policy requires the company to log any event that retrieves data from Amazon S3 buckets. The company must save these audit logs in a dedicated S3 bucket. The company created the audit logs S3 bucket in an AWS account that is designated for centralized logging. The S3 bucket has a bucket policy that allows write-only cross-account access. A solutions architect must ensure that all S3 object-level access is being logged for current S3 buckets and fture S3 buckets. Which solution will meet these requirements?

Exam-Like

Enable server access logging for all current S3 buckets Use the audit logs S3 bucket as a destination for audit logs

38.5%

Enable replication between all current S3 buckets and the audit logs S3 bucket Enable S3 Versioning in the audit logs S3 bucket

0.0%

Configure S3Event Notifications for all current S3 buckets to invoke an AWS Lambda function every time objects are accessed Store Lambda logs in the audit logs S3 bucket

23.1%

Enable AWS CloudTrail, and use the audit logs S3 bucket to store logs Enable data event logging for S3 event sources current S3 buckets, and future S3 buckets

38.5%

AWS Certified Solutions Architect - Professional

Get started today

Comments