A company has resources hosted in their AWS Account. There is a requirement to monitor all API activity for all regions. The audit needs to be applied for future regions as well.
Which of the following can be used to fulfil this requirement?
A. Ensure CloudTrail for each region. Then enable for each future region.
B. Ensure one CloudTrail trail is enabled for all regions.
C. Create a CloudTrail for each region. Use CloudFormation to enable the trail for all future regions.
D. Create a CloudTrail for each region. Use AWS Config to enable the trail for all future regions.
Answer: B
Explanation:
The AWS documentation mentions the following:
You can now turn on a trail across all regions for your AWS account. CloudTrail will deliver log files from all regions to the Amazon S3 bucket and an optional CloudWatch Logs log group you specified. Additionally, when AWS launches a new region, CloudTrail will create the same trail in the new region. As a result you will receive log files containing API activity for the new region without taking any action.
Options A and C are invalid because enabling CloudTrail separately for every region would be a maintenance overhead.
Option D is invalid because AWS Config cannot be used to enable trails.
For more information on this feature, please visit the following URL: https://aws.amazon.com/about-aws/whats-new/2015/12/turn-on-cloudtrail-across-all-regions-and-support-for-multiple-trails
The correct answer is: Ensure one CloudTrail trail is enabled for all regions.
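A way to verify that an account actually meets answer B, as an added example that is not part of the original page: the function below audits CloudTrail `DescribeTrails` and `GetTrailStatus` results for a multi-region trail that is actively logging. The trail names, ARNs and account ID are constructed sample data, and `audit_trails` is a hypothetical helper name.

```python
# Constructed sample data shaped like CloudTrail API responses (not a real account).
LEGACY_ARN = "arn:aws:cloudtrail:eu-west-1:111122223333:trail/legacy-eu"
AUDIT_ARN = "arn:aws:cloudtrail:us-east-1:111122223333:trail/org-audit"

SAMPLE_TRAILS = {  # shape of DescribeTrails output
    "trailList": [
        {"Name": "legacy-eu", "HomeRegion": "eu-west-1",
         "IsMultiRegionTrail": False, "TrailARN": LEGACY_ARN},
        {"Name": "org-audit", "HomeRegion": "us-east-1",
         "IsMultiRegionTrail": True, "TrailARN": AUDIT_ARN},
    ]
}
SAMPLE_STATUS = {  # GetTrailStatus output, keyed by trail ARN
    LEGACY_ARN: {"IsLogging": True},
    AUDIT_ARN: {"IsLogging": True},
}


def audit_trails(trails_resp, status_by_arn):
    """Check that at least one multi-region trail is actively logging.

    With boto3, trails_resp would come from
    client.describe_trails(includeShadowTrails=False) and each status from
    client.get_trail_status(Name=trail_arn).
    """
    findings, covering = [], []
    for trail in trails_resp.get("trailList", []):
        name = trail["Name"]
        if not trail.get("IsMultiRegionTrail", False):
            # A single-region trail is not extended to regions AWS launches later.
            findings.append(
                f"{name}: single-region trail in {trail.get('HomeRegion')}")
            continue
        status = status_by_arn.get(trail["TrailARN"], {})
        if not status.get("IsLogging", False):
            # The trail is configured for all regions but delivers nothing.
            findings.append(f"{name}: multi-region trail is not logging")
            continue
        covering.append(name)
    if not covering:
        findings.append("no multi-region trail is actively logging")
    return {"compliant": bool(covering), "covering": covering,
            "findings": findings}


if __name__ == "__main__":
    print(audit_trails(SAMPLE_TRAILS, SAMPLE_STATUS))
```
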