Explanation
AWS CloudTrail is the correct service for logging API requests to Amazon Bedrock because:
- CloudTrail is AWS's service for logging API calls and events across AWS services
- It captures detailed information about API requests made to Amazon Bedrock, including who made the request, when it was made, and what actions were performed
- CloudTrail logs can be delivered to Amazon S3 for long-term storage
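The who/when/what fields mentioned above, shown as an added example that is not part of the original explanation: a small parser that extracts Amazon Bedrock API calls from a CloudTrail log file as delivered to S3. The sample records, account ID, ARN, principal ID and function names are constructed for illustration; the field names (`eventSource`, `eventName`, `eventTime`, `userIdentity`, `sourceIPAddress`, `errorCode`) follow the CloudTrail record format.

```python
import gzip
import json

BEDROCK_SOURCE = "bedrock.amazonaws.com"  # eventSource value for Amazon Bedrock

def load_records(raw: bytes) -> list:
    """Decode one CloudTrail log file; S3-delivered files are gzip-compressed JSON."""
    if raw[:2] == b"\x1f\x8b":  # gzip magic bytes
        raw = gzip.decompress(raw)
    return json.loads(raw).get("Records", [])

def principal(identity: dict) -> str:
    """Best available caller identifier; not every identity type carries an ARN."""
    for key in ("arn", "principalId", "invokedBy"):
        if identity.get(key):
            return identity[key]
    return "unknown"

def bedrock_calls(raw: bytes) -> list:
    """Return who/when/what for every Bedrock API call in the file, oldest first."""
    calls = []
    for rec in load_records(raw):
        if rec.get("eventSource") != BEDROCK_SOURCE:
            continue  # skip calls to other services
        calls.append({
            "when": rec.get("eventTime"),
            "who": principal(rec.get("userIdentity", {})),
            "what": rec.get("eventName"),
            "source_ip": rec.get("sourceIPAddress"),
            "error": rec.get("errorCode"),  # None when the call succeeded
        })
    # ISO 8601 UTC timestamps sort correctly as strings
    return sorted(calls, key=lambda c: c["when"] or "")

# Constructed sample file: two Bedrock calls (one denied) and one unrelated S3 call.
SAMPLE = gzip.compress(json.dumps({"Records": [
    {"eventTime": "2024-05-01T12:05:00Z", "eventSource": "bedrock.amazonaws.com",
     "eventName": "InvokeModel", "sourceIPAddress": "203.0.113.10",
     "errorCode": "AccessDenied", "userIdentity": {
         "arn": "arn:aws:sts::111122223333:assumed-role/AppRole/session1"}},
    {"eventTime": "2024-05-01T12:01:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutObject", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"principalId": "AIDAEXAMPLE"}},
    {"eventTime": "2024-05-01T12:00:00Z", "eventSource": "bedrock.amazonaws.com",
     "eventName": "ListFoundationModels", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"principalId": "AIDAEXAMPLE"}},
]}).encode())

if __name__ == "__main__":
    for call in bedrock_calls(SAMPLE):
        print(call)
```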
Amazon S3 Intelligent-Tiering is the correct storage class for cost-effective 5-year retention because:
- S3 Intelligent-Tiering automatically moves objects between two access tiers (frequent and infrequent access) based on changing access patterns
- For long-term storage (5 years), most logs will be accessed infrequently, making Intelligent-Tiering more cost-effective than S3 Standard
- It provides the lowest possible cost while maintaining durability and availability
- The storage class is designed for data with unknown or changing access patterns
Why not the other options:
- Amazon CloudWatch (B): While CloudWatch can monitor and log metrics, it's not specifically designed for comprehensive API request logging like CloudTrail
- AWS Audit Manager (C): This service helps automate compliance assessments, not API request logging
- Amazon S3 Standard (E): While it could store the logs, it's more expensive than Intelligent-Tiering for long-term storage where data access is infrequent
Key Points:
- CloudTrail is the standard AWS service for API call logging
- S3 Intelligent-Tiering optimizes costs by automatically moving data to the most cost-effective access tier
- For 5-year retention with infrequent access, Intelligent-Tiering provides better cost optimization than S3 Standard