Which AWS service will meet this requirement?
AWS Trusted Advisor
Amazon CloudWatch
Amazon GuardDuty
AWS Health Dashboard
Explanations:
AWS Trusted Advisor provides real-time guidance to help provision your resources following AWS best practices. It includes checks for security group configurations, specifically identifying any that allow unrestricted access to certain ports, such as 22 (SSH) and 80 (HTTP).
Amazon CloudWatch is primarily used for monitoring and observability of AWS resources and applications. While it can track metrics and log events, it does not specifically monitor for misconfigured security groups or provide direct insights into their security posture.
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior in AWS accounts and workloads. It does not focus specifically on identifying misconfigured security groups or unrestricted access to ports.
AWS Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact your resources. It does not monitor or assess the configurations of security groups for unrestricted access to specific ports.