Examice

Exam DOP-C02 All QuestionsBrowse all questions from this exam

Question 254

A company gives its employees limited rights to AWS. DevOps engineers have the ability to assume an administrator role. For tracking purposes, the security team wants to receive a near-real-time notification when the administrator role is assumed.

How should this be accomplished?

Configure AWS Config to publish logs to an Amazon S3 bucket. Use Amazon Athena to query the logs and send a notification to the security team when the administrator role is assumed.

Configure Amazon GuardDuty to monitor when the administrator role is assumed and send a notification to the security team.

Create an Amazon EventBridge event rule using an AWS Management Console sign-in events event pattern that publishes a message to an Amazon SNS topic if the administrator role is assumed.

Create an Amazon EventBridge events rule using an AWS API call that uses an AWS CloudTrail event pattern to invoke an AWS Lambda function that publishes a message to an Amazon SNS topic if the administrator role is assumed.

Correct Answer: D

To track and receive near-real-time notifications when an administrator role is assumed, the best solution involves using Amazon EventBridge with AWS CloudTrail. You can create an EventBridge rule that detects the specific AWS API call events related to role assumption. When such an event is detected, the rule can trigger an AWS Lambda function, which then publishes a notification message to an Amazon SNS topic. This setup provides a seamless and efficient way to meet the security team's requirements for timely notifications.

Discussion

tgvOption: D

---> D