Which solution will meet this requirement?
A. Create an AWS Lambda function to filter events from CloudTrail if a role was created without CloudFormation. Configure the Lambda function to publish to the SNS topic. Create an Amazon EventBridge schedule to invoke the Lambda function every 15 minutes.
B. Create an AWS Fargate task in Amazon Elastic Container Service (Amazon ECS) to filter events from CloudTrail if a role was created without CloudFormation. Configure the Fargate task to publish to the SNS topic. Create an Amazon EventBridge schedule to run the Fargate task every 15 minutes.
C. Launch an Amazon EC2 instance that includes a script to filter events from CloudTrail if a role was created without CloudFormation. Configure the script to publish to the SNS topic. Create a cron job to run the script on the EC2 instance every 15 minutes.
D. Create an Amazon EventBridge rule to filter events from CloudTrail if a role was created without CloudFormation. Specify the SNS topic as the target of the EventBridge rule.
Explanations:
A. A Lambda function can filter CloudTrail events, but running it on a 15-minute schedule introduces a delay of up to 15 minutes, so it fails to provide immediate notifications.
B. Similar to Option A, using Fargate with a scheduled task is inefficient for immediate notifications and relies on the same 15-minute interval.
C. An EC2 instance running a script also lacks immediacy and depends on a cron job, which does not provide real-time notifications.
D. An EventBridge rule can match CloudTrail events directly and trigger the SNS notification as soon as an IAM role is created outside CloudFormation, meeting the requirement.
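As an added illustration of option D (not part of the original question), the event pattern such an EventBridge rule would use, plus a small matcher that implements only the pattern features used here (exact-value lists, nested objects, `anything-but`) so the pattern can be checked offline against constructed CloudTrail events. The field names follow the CloudTrail-via-EventBridge envelope; the sample events are constructed, not captured.

```python
# Event pattern for the EventBridge rule: IAM CreateRole calls recorded by
# CloudTrail whose caller is not CloudFormation. userAgent is always present on
# CloudTrail events; an anything-but rule on a field that may be absent (such
# as userIdentity.invokedBy) would never match direct console/CLI calls, since
# EventBridge requires a patterned field to exist. Note that IAM is a global
# service, so its CloudTrail events reach EventBridge in us-east-1.
CREATE_ROLE_OUTSIDE_CFN = {
    "source": ["aws.iam"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["iam.amazonaws.com"],
        "eventName": ["CreateRole"],
        "userAgent": [{"anything-but": ["cloudformation.amazonaws.com"]}],
    },
}


def _value_matches(rule, value):
    """One alternative from a pattern list: a literal or an anything-but object."""
    if isinstance(rule, dict) and "anything-but" in rule:
        banned = rule["anything-but"]
        banned = banned if isinstance(banned, list) else [banned]
        return value not in banned
    return rule == value


def matches(pattern, event):
    """True if every field in the pattern exists in the event and matches."""
    for key, rule in pattern.items():
        if key not in event:
            return False  # a missing field never matches, as in EventBridge
        if isinstance(rule, dict):  # nested object: recurse
            if not isinstance(event[key], dict) or not matches(rule, event[key]):
                return False
        elif not any(_value_matches(alt, event[key]) for alt in rule):
            return False  # list of alternatives: none matched
    return True


def cloudtrail_event(event_name, user_agent, source="iam.amazonaws.com"):
    """Constructed CloudTrail-via-EventBridge envelope (sample shape only)."""
    return {
        "source": "aws." + source.split(".")[0],
        "detail-type": "AWS API Call via CloudTrail",
        "detail": {"eventSource": source, "eventName": event_name, "userAgent": user_agent},
    }


def should_alert(event):
    """Decide whether the rule would forward this event to the SNS topic."""
    return matches(CREATE_ROLE_OUTSIDE_CFN, event)
```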