CloudTrail is the correct answer:
https://aws.amazon.com/cloudtrail/features/
"CloudTrail records user activity and API calls across AWS services as events. CloudTrail events help you answer the questions of "who did what, where, and when?""
C. Use AWS CloudTrail to see if the security group was changed.
AWS CloudTrail provides a history of events for an AWS account, including API calls made to EC2 and changes made to security groups. By using CloudTrail, the user can determine whether a change was made to the security groups of an EC2 instance in the last month. CloudTrail logs can be searched and filtered to identify security group-related events, including changes to the rules, additions or removal of security groups, and modifications to existing security groups.
Option A is not the recommended way to see if the security group was changed, as EC2 provides limited access to its own logs and events.
Option B is not directly relevant, as IAM is not used to track changes to security groups.
Option D is also not the recommended way to see if the security group was changed, as CloudWatch is primarily used for monitoring and alerting on performance metrics, rather than tracking configuration changes.
AWS CloudTrail is a service that provides a detailed audit trail of events and actions taken within an AWS account. It captures and logs API activity, including changes made to resources like security groups. By enabling CloudTrail and reviewing its logs, the user can track and identify any modifications made to the EC2 instance's security groups.
CloudTrail records information such as the identity of the user or role making the changes, the time of the change, and the details of the modification. This allows users to gain visibility into the actions performed on their resources and supports security analysis, resource change tracking, and compliance auditing.
CloudTrail is the correct answer:
https://aws.amazon.com/cloudtrail/features/
"CloudTrail records user activity and API calls across AWS services as events. CloudTrail events help you answer the questions of "who did what, where, and when?"
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
41km
Highly Voted 2 years, 8 months agoCloudalina
Highly Voted 2 years, 2 months agosonaljain
Most Recent 4 months, 1 week agoRangilaThakur
1 year, 3 months agotechandra
1 year, 5 months agoPranava_GCP
1 year, 8 months agoamitpandharikar
1 year, 9 months agoman5484
1 year, 10 months agoSTOPITALREADY
1 year, 10 months agoESAJRR
1 year, 10 months agoWarsame21
1 year, 10 months agoGorioDeCavite
1 year, 11 months agojulianorr
1 year, 11 months agoRama_K
2 years agoGuru4Cloud
2 years, 1 month agoelidiojose
2 years, 1 month agoAmycert
2 years, 2 months ago