A company has multiple AWS accounts that are in an organization in AWS Organizations. The company needs to store AWS account activity and query the data from a central location by using SQL.
Which solution will meet these requirements?
A company has multiple AWS accounts that are in an organization in AWS Organizations. The company needs to store AWS account activity and query the data from a central location by using SQL.
Which solution will meet these requirements?
To meet the requirements of storing AWS account activity and querying the data from a central location using SQL, the best solution is to use a delegated administrator account to create an AWS CloudTrail Lake data store. In CloudTrail Lake, you can specify CloudTrail management events for the data store and enable it for all accounts in the organization. This allows centralized collection and storage of account activity, and provides the ability to query this data using SQL-based queries, which aligns perfectly with the stated needs.
B You can aggregate events within an Organization by enabling it for all accounts in the Organization with AWS CloudTrail Lake.
AWS CloudTrail Lake lets you run SQL-based queries on your events.