ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 773 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C02
Question #: 773
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C02 Questions]

A company wants to analyze and troubleshoot Access Denied errors and Unauthorized errors that are related to IAM permissions. The company has AWS
CloudTrail turned on.
Which solution will meet these requirements with the LEAST effort?

  • A. Use AWS Glue and write custom scripts to query CloudTrail logs for the errors.
  • B. Use AWS Batch and write custom scripts to query CloudTrail logs for the errors.
  • C. Search CloudTrail logs with Amazon Athena queries to identify the errors.
  • D. Search CloudTrail logs with Amazon QuickSight. Create a dashboard to identify the errors.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by josh_fan at Oct. 16, 2022, 10:22 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
hro
1 year, 3 months ago
"You can use Amazon Athena queries or the AWS Command Line Interface (AWS CLI) to get error logs for IAM API call failures."
upvoted 1 times
...
coolkidsclubvip
1 year, 9 months ago
Selected Answer: D
query log with Athena???
upvoted 1 times
...
BECAUSE
2 years, 1 month ago
Selected Answer: D
D is the answer
upvoted 1 times
...
MassieMan
2 years, 6 months ago
Selected Answer: D
The correct answer is D! CloudTrail logs are stored natively within an S3 bucket , which can then be easily integrated with Amazon QuickSight. Amazon QuickSight is a data visualization tool which will show any IAM permissions-related Access Denied errors and Unauthorized errors. https://docs.aws.amazon.com/quicksight/latest/user/logging-using-cloudtrail.html
upvoted 1 times
...
MassieMan
2 years, 6 months ago
Selected Answer: C
Answer is C While option D may work, the question asks for the LEAST effort. Option D requires the creation of a dashboard.
upvoted 1 times
MassieMan
2 years, 6 months ago
CORRECTION - I WAS WRONG! THE ANSWER IS D
upvoted 1 times
...
...
Evangelia
2 years, 8 months ago
Selected Answer: C
its C. https://aws.amazon.com/premiumsupport/knowledge-center/troubleshoot-iam-permission-errors/
upvoted 4 times
...
josh_fan
2 years, 8 months ago
Selected Answer: D
IMO, it is D, for the reason that, it is more easier to trouble shoot a visulized thing.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel