Which service should the solutions architect use to find the desired information?

By:
In: SAA-C03
Tagged:
With: 2 Comments
An IAM user made several configuration changes to AWS resources in their company’s account during a production deployment last week.A solutions architect learned that a couple of security group rules are not configured as desired.The solutions architect wants to confirm which IAM user was responsible for making changes.

Which service should the solutions architect use to find the desired information?

Amazon GuardDuty

Amazon Inspector

AWS CloudTrail

AWS Config

Explanations:

Amazon GuardDuty is a threat detection service that monitors malicious activity and unauthorized behavior in AWS accounts. It does not provide detailed logs of configuration changes made by IAM users.

Amazon Inspector is a security assessment service that helps improve the security and compliance of applications deployed on AWS. It focuses on analyzing the security state of applications rather than tracking changes made by IAM users.

AWS CloudTrail is a service that enables governance, compliance, and operational and risk auditing of AWS accounts. It provides detailed logs of API calls made in the account, including who made the calls and what changes were made to resources, making it the appropriate service to identify which IAM user made specific changes.

AWS Config is a service that provides AWS resource inventory, configuration history, and configuration change notifications. While it can track configuration changes, it does not specifically identify which IAM user made those changes. AWS CloudTrail is more suitable for this purpose.

2026-03-13

2 Comments

  1. Nathan
    Author

    If I’m correct, the answer is:
    AWS CloudTrail

  2. Diane
    Author

    I reckon the answer is:
    AWS CloudTrail

Leave a Reply

Your email address will not be published. Required fields are marked *

17 − five =