Home › Forums › AWS › AWS Certified Security – Specialty › Clarification on CloudWatch
-
Clarification on CloudWatch
-
Hi,
I thought only CloudTrail records API history, but does CloudWatch record API as well? This is related to the question:
A chief technology officer has recently been invited as a speaker in a conference. During the technical presentation, she accidentally exposed an AWS access key and secret access key of their application. The Security Engineer disabled the compromised access keys only after 4 hours.
How can the Engineer effectively assess the extent of the key exposure and track the activity history? (Select TWO.)
Thanks in advance!
- This discussion was modified 2 years ago by synkoo.
-
Hi synkoo,
Thank you for your message. We have updated the options for this specific question in our practice tests and changes will be reflected soon.
To further clarify, you can use Amazon CloudWatch Log queries to search the API history from CloudTrail logs. You can run CloudWatch queries to search the API history made by a specific IAM user or access key beyond the last 90 days.
Let us know if you need further assistance. The Tutorials Dojo team is dedicated to help you pass your AWS exam on your first try!
Best Regards,
JM @ Tutorials Dojo
Log in to reply.