A company has established its entire infrastructure on AWS, utilizing Amazon EC2 instances for hosting their e-commerce website and Amazon S3 for storing static data. Three engineers manage cloud administration and development through a single AWS account. Occasionally, one engineer modifies another's EC2 security group configuration, leading to noncompliance issues. A solutions architect needs to implement a system that monitors changes made by the engineers and sends alerts when noncompliant modifications to EC2 security settings occur. What is the quickest method for the solutions architect to fulfill these requirements?

Exam-Like

Set up AWS Organizations for the company and apply Service Control Policies (SCPs) to govern and track noncompliant security group changes within the AWS account.

0.0%

Enable AWS CloudTrail to log changes to EC2 security groups and set up Amazon CloudWatch rules to alert when noncompliant security settings are detected.

71.4%

Enable Service Control Policies (SCPs) on the AWS account to alert when noncompliant security group changes are made to the environment.

0.0%

Enable AWS Config on the EC2 security groups to monitor for noncompliant changes and send these changes as alerts via an Amazon Simple Notification Service (Amazon SNS) topic.

28.6%

AWS Certified Solutions Architect - Professional

Comments

Get started today