AWS CloudTrail

AWS CloudTrail is a service that records API calls made on your AWS account. It tracks user activity and API usage across AWS services, providing logs for monitoring, auditing, and security analysis. The logs capture details such as who made the API call, what actions were taken, when they occurred, and from which IP address.

AWS CloudTrail can stream logs to Amazon Kinesis. CloudTrail supports integration with Amazon Kinesis Data Streams, allowing you to stream CloudTrail logs to a Kinesis stream for real-time processing. This is useful when you need to analyze logs in near real-time or forward them to other applications.

1. CloudTrail can deliver logs to Amazon S3, Amazon CloudWatch Logs, and Amazon Kinesis Data Streams.
2. The logs are also accessible through CloudTrail's console or API, where you can manage and query them.

1. Question: CloudTrail to record API calls

A company hosts its multi-tier applications on AWS. For compliance, governance, auditing, and security, the company must track configuration changes on its AWS resources and record a history of API calls made to these resources. What should a solutions architect do to meet these requirements?

1. Use AWS CloudTrail to track configuration changes and AWS Config to record API calls.
2. Use AWS Config to track configuration changes and AWS CloudTrail to record API calls. (Correct An)
3. Use AWS Config to track configuration changes and Amazon CloudWatch to record API calls.
4. Use AWS CloudTrail to track configuration changes and Amazon CloudWatch to record API calls.