SAA-C03 Design Secure Architectures • Set 10
SAA-C03 Design Secure Architectures Practice Test 10 — 15 questions with explanations. Free, no signup.
A SOC analyst needs an immutable, centralized audit record of configuration and API changes across multiple AWS accounts. Recently, an operator changed an IAM role trust policy, and investigators must determine exactly which principal made the change and which parameters were used.
Your current setup sends application logs to CloudWatch Logs, but there is no organization-level API audit logging.
Which approach best satisfies the requirement?