Which solution meets these requirements?
Modify the default option group parameters to enable Advanced Auditing. Restart the database for the changes to take effect.
Create a custom DB cluster parameter group. Modify the parameters for Advanced Auditing. Modify the cluster to associate the new custom DB parameter group with the Aurora MySQL DB cluster.
Take a snapshot of the database. Create a new DB instance, and enable custom auditing and logging to CloudWatch. Deactivate the DB instance that has no logging.
Enable AWS CloudTrail for the DB instance. Create a filter that provides only connections, disconnections, queries, and tables queried.
Explanations:
Modifying the default option group parameters will not enable Advanced Auditing for Amazon Aurora MySQL. Aurora MySQL uses parameter groups, not option groups, to configure audit logging settings.
Creating a custom DB cluster parameter group and modifying the parameters for Advanced Auditing is the correct approach. Aurora MySQL allows for the configuration of audit logging through parameter groups, and associating a custom parameter group with the DB cluster will enable the required logging.
Taking a snapshot and creating a new DB instance does not directly address the requirement to enable audit logging on the Aurora MySQL DB cluster. Additionally, there is no need to deactivate the DB instance with no logging, as the solution should enable auditing on the existing instance.
AWS CloudTrail is used for tracking API calls, not database activity. It does not provide detailed auditing for database queries, connections, or tables queried, which is what is required in this case. CloudTrail is not suitable for auditing Aurora MySQL activity directly.
I map out that the answer is:
Create a custom DB cluster parameter group. Modify the parameters for Advanced Auditing. Modify the cluster to associate the new custom DB parameter group with the Aurora MySQL DB cluster.