For this purpose, the company plans to use AWS logging and save logs to Amazon S3How can a database specialist activate logging on the database?

By:
On:
In: DBS-C01
Tagged:
With: 0 Comments
An ecommerce company uses Amazon DynamoDB as the backend for its payments system.A new regulation requires the company to log all data access requests for financial audits.

For this purpose, the company plans to use AWS logging and save logs to Amazon S3How can a database specialist activate logging on the database?

Use AWS CloudTrail to monitor DynamoDB control-plane operations. Create a DynamoDB stream to monitor data-plane operations. Pass the stream to Amazon Kinesis Data Streams. Use that stream as a source for Amazon Kinesis Data Firehose to store the data in an Amazon S3 bucket.

Use AWS CloudTrail to monitor DynamoDB data-plane operations. Create a DynamoDB stream to monitor control-plane operations. Pass the stream to Amazon Kinesis Data Streams. Use that stream as a source for Amazon Kinesis Data Firehose to store the data in an Amazon S3 bucket.

Create two trails in AWS CloudTrail. Use Trail1 to monitor DynamoDB control-plane operations. Use Trail2 to monitor DynamoDB data-plane operations.

Use AWS CloudTrail to monitor DynamoDB data-plane and control-plane operations.

Explanations:

AWS CloudTrail captures control-plane and data-plane operations for DynamoDB directly. A DynamoDB stream is not required for logging to S3 in this scenario.

AWS CloudTrail handles both control-plane and data-plane logging for DynamoDB, without needing a DynamoDB stream for logging purposes.

AWS CloudTrail can monitor both control-plane and data-plane operations in a single trail; two separate trails are unnecessary for this purpose.

AWS CloudTrail can log both control-plane and data-plane operations for DynamoDB, fulfilling the logging requirement for audit purposes without extra configurations.

Leave a Reply

Your email address will not be published. Required fields are marked *

seventeen − ten =