AWS Certified Developer – Associate (DVA-C02) — Question 321
A company needs to deploy all its cloud resources by using AWS CloudFormation templates. A developer must create an Amazon Simple Notification Service (Amazon SNS) automatic notification to help enforce this rule. The developer creates an SNS topic and subscribes the email address of the company's security team to the SNS topic.
The security team must receive a notification immediately if an IAM role is created without the use of CloudFormation.
Which solution will meet this requirement?
Answer options
- A. Create an AWS Lambda function to filter events from CloudTrail if a role was created without CloudFormation. Configure the Lambda function to publish to the SNS topic. Create an Amazon EventBridge schedule to invoke the Lambda function every 15 minutes.
- B. Create an AWS Fargate task in Amazon Elastic Container Service (Amazon ECS) to filter events from CloudTrail if a role was created without CloudFormation. Configure the Fargate task to publish to the SNS topic. Create an Amazon EventBridge schedule to run the Fargate task every 15 minutes.
- C. Launch an Amazon EC2 instance that includes a script to filter events from CloudTrail if a role was created without CloudFormation. Configure the script to publish to the SNS topic. Create a cron job to run the script on the EC2 instance every 15 minutes.
- D. Create an Amazon EventBridge rule to filter events from CloudTrail if a role was created without CloudFormation. Specify the SNS topic as the target of the EventBridge rule.
Correct answer: D
Explanation
Amazon EventBridge rules provide a near-real-time, serverless mechanism to filter AWS CloudTrail events and route them directly to targets such as Amazon SNS, which satisfies the requirement for immediate notification. Options A, B, and C add unnecessary operational overhead and introduce a 15-minute delay because they poll on a schedule. An EventBridge rule with the SNS topic as its target is therefore the most efficient, real-time, and cost-effective solution.