Which solution will meet these requirements with the LEAST operational overhead?
Create an AWS Lambda function to query AWS CloudTrail logs and to send an alert when a CreateImage API call is detected.
Configure AWS CloudTrail with an Amazon Simple Notification Service (Amazon SNS) notification that occurs when updated logs are sent to Amazon S3. Use Amazon Athena to create a new table and to query on CreateImage when an API call is detected.
Create an Amazon EventBridge (Amazon CloudWatch Events) rule for the CreateImage API call. Configure the target as an Amazon Simple Notification Service (Amazon SNS) topic to send an alert when a CreateImage API call is detected.
Configure an Amazon Simple Queue Service (Amazon SQS) FIFO queue as a target for AWS CloudTrail logs. Create an AWS Lambda function to send an alert to an Amazon Simple Notification Service (Amazon SNS) topic when a CreateImage API call is detected.
Explanations:
This option requires a Lambda function to constantly query CloudTrail logs, which involves additional operational overhead for managing the function and scheduling the queries, leading to potential latency in alerting.
This solution involves multiple services: setting up CloudTrail, configuring S3, and using Athena for querying. It requires more management and complexity due to multiple components and delayed alerting as logs are batched and then queried.
Using Amazon EventBridge to create a rule for the CreateImage API call is efficient as it directly captures the event without needing additional processing. It sends alerts immediately through an SNS topic, ensuring low operational overhead and prompt notifications.
This option involves using SQS and Lambda, which adds unnecessary complexity. The logs from CloudTrail are sent to SQS and then processed by Lambda, leading to higher operational overhead compared to using EventBridge directly.
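The EventBridge option, written out as a CloudFormation template. This is an added example, not part of the original question; the resource names and the `AlertEmail` parameter are assumptions.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Alert on EC2 CreateImage API calls (added example; names are assumptions)

Parameters:
  AlertEmail:                      # assumed parameter: address that receives the alert
    Type: String

Resources:
  CreateImageAlertTopic:
    Type: AWS::SNS::Topic
    Properties:
      Subscription:
        - Protocol: email
          Endpoint: !Ref AlertEmail

  # EventBridge needs permission to publish to the topic; without this
  # policy the rule still matches but no notification is delivered.
  CreateImageAlertTopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics:
        - !Ref CreateImageAlertTopic
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service: events.amazonaws.com
            Action: sns:Publish
            Resource: !Ref CreateImageAlertTopic   # Ref on a topic returns its ARN

  CreateImageRule:
    Type: AWS::Events::Rule
    Properties:
      Description: Match CreateImage calls recorded by CloudTrail
      State: ENABLED
      EventPattern:
        source:
          - aws.ec2
        detail-type:
          - AWS API Call via CloudTrail
        detail:
          eventSource:
            - ec2.amazonaws.com
          eventName:
            - CreateImage
      Targets:
        - Arn: !Ref CreateImageAlertTopic
          Id: CreateImageAlertTopic
```

Events with the detail type `AWS API Call via CloudTrail` are only delivered when a CloudTrail trail with logging enabled exists in the Region, and the email subscription must be confirmed before alerts arrive.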