Topic 1 Question 192
2 つ選択AWS CloudTrail is being used to monitor API calls in an organization. An audit revealed that CloudTrail is failing to deliver events to Amazon S3 as expected.
What initial actions should be taken to allow delivery of CloudTrail events to S3?
Verify that the S3 bucket policy allows CloudTrail to write objects.
Verify that the IAM role used by CloudTrail has access to write to Amazon CloudWatch Logs.
Remove any lifecycle policies on the S3 bucket that are archiving objects to S3 Glacier Flexible Retrieval.
Verify that the S3 bucket defined in CloudTrail exists.
Verify that the log file prefix defined in CloudTrail exists in the S3 bucket.
ユーザの投票
コメント(9)
- 正解だと思う選択肢: AD
While the log file prefix is important for organizing logs within the S3 bucket, the prefix does not need to exist beforehand. CloudTrail will automatically create the necessary directories (based on the prefix) in the S3 bucket when logs are delivered. The existence of the prefix itself is not a critical requirement for the delivery of CloudTrail logs.
👍 2youonebe2025/01/07 AE might be the right answer?
👍 1SkyBlueUS2024/10/04It's AD
👍 1Bad_Mat2024/10/21
シャッフルモード