AWS Certified Cloud Practitioner

Explanation

AWS Config is the correct service for tracking, recording, and auditing configuration changes to AWS resources. Here's why:

AWS Config Features:

• Configuration History: Maintains a complete history of configuration changes for AWS resources
• Compliance Tracking: Helps ensure resources remain compliant with internal policies
• Change Notifications: Sends notifications when resources are created, modified, or deleted
• Resource Relationships: Shows how resources are related to each other

Why Other Options Are Incorrect:

• AWS Shield: A DDoS protection service, not for configuration tracking
• AWS IAM: Identity and Access Management service for controlling permissions
• Amazon Inspector: Security assessment service for vulnerabilities, not configuration tracking

AWS Config provides continuous monitoring and assessment of your AWS resource configurations, making it essential for governance, compliance, and security auditing.