A company is transitioning from an on-premises data center to the AWS Cloud and intends to utilize multiple AWS accounts managed through AWS Organizations. Initially, a few accounts will be set up, with more being added as required. A solutions architect is tasked with ensuring AWS CloudTrail is activated across all accounts. What is the most operationally efficient solution to achieve this?

Exam-Like

Develop an AWS Lambda function to establish a new CloudTrail trail in every account within the organization. Schedule this Lambda function to run daily via a scheduled action in Amazon EventBridge.

0.0%

Initiate a new CloudTrail trail in the organization's management account and configure it to record all events for every account in the organization.

33.3%

Set up a new CloudTrail trail in each account within the organization. Automatically create new trails when additional accounts are added. Implement a Service Control Policy (SCP) to prevent the deletion or modification of trails and apply this SCP to the root Organizational Unit (OU).

33.3%

Create an AWS Systems Manager Automation runbook to set up a CloudTrail trail in all accounts within the organization. Execute this automation using Systems Manager State Manager.

33.3%

AWS Certified Solutions Architect - Professional

Get started today

Comments