Which AWS service will meet this requirement?
AWS WAF
Amazon Detective
Amazon CloudWatch
AWS CloudTrail
Explanations:
AWS WAF (Web Application Firewall) is designed to protect web applications from common web exploits by allowing users to create security rules. It does not specifically review or log user activity through API calls.
Amazon Detective helps in analyzing and investigating security incidents and anomalies within AWS accounts. While it provides insights into user activity, it does not primarily focus on logging API call activities.
Amazon CloudWatch is a monitoring service for AWS cloud resources and applications. It provides metrics and logs but does not specifically focus on user activity related to API calls.
AWS CloudTrail is a service that enables governance, compliance, and operational and risk auditing of AWS accounts. It specifically logs API calls made within an AWS account, allowing for the review of user activity effectively.