AWS Certified Cloud Practitioner

Explanation:

AWS Config is the correct service for tracking, recording, and auditing configuration changes to AWS resources. Here's why:

Key Features of AWS Config:

• Configuration History: Maintains a detailed history of configuration changes for AWS resources
• Compliance Monitoring: Continuously monitors and records resource configurations
• Change Tracking: Provides visibility into how resources are configured and how they change over time
• Audit Trail: Creates an audit trail of configuration changes for security and compliance purposes

Why other options are incorrect:

• AWS Shield: This is a managed DDoS protection service, not for configuration tracking
• AWS IAM: Identity and Access Management service for controlling access to AWS resources, not for configuration change tracking
• Amazon Inspector: Automated security assessment service that checks for security vulnerabilities, not for configuration change auditing

Use Cases for AWS Config:

1. Security Compliance: Ensure resources comply with security policies
2. Change Management: Track who made changes and when
3. Troubleshooting: Identify configuration changes that may have caused issues
4. Audit Requirements: Meet regulatory and compliance audit requirements

AWS Config helps organizations maintain visibility and control over their AWS resource configurations, making it essential for governance and compliance.