
Answer-first summary for fast verification
Answer: Use AWS CloudTrail to track object-level events for the S3 bucket. Forward events to Amazon CloudWatch to set up CloudWatch alarms.
AWS CloudTrail can be configured to capture object-level data events (such as GetObject and PutObject) for the S3 bucket. Each event carries detailed context, including the IAM role session or user name that made the API call. By forwarding the CloudTrail logs to CloudWatch, alarms can be defined that notify administrators of specific unauthorized API activity and identify who violated the policy.
Author: Ritesh Yadav
A company stores its processed data in an S3 bucket. The company has a strict data access policy. The company uses IAM roles to grant teams within the company different levels of access to the S3 bucket. The company wants to receive notifications when a user violates the data access policy. Each notification must include the username of the user who violated the policy. Which solution will meet these requirements?
A. Use AWS Config rules to detect violations of the data access policy. Set up compliance alarms.
B. Use Amazon CloudWatch metrics to gather object-level metrics. Set up CloudWatch alarms.
C. Use AWS CloudTrail to track object-level events for the S3 bucket. Forward events to Amazon CloudWatch to set up CloudWatch alarms.
D. Use Amazon S3 server access logs to monitor access to the bucket. Forward the access logs to an Amazon CloudWatch log group. Use metric filters on the log group to set up CloudWatch alarms.