AWS Certified Developer – Associate (DVA-C02) — Question 403
A company had an Amazon RDS for MySQL DB instance that was named mysql-db. The DB instance was deleted within the past 90 days.
A developer needs to find which IAM user or role deleted the DB instance in the AWS environment.
Which solution will provide this information?
Answer options
- A. Retrieve the AWS CloudTrail events for the resource mysql-db where the event name is DeleteDBInstance. Inspect each event.
- B. Retrieve the Amazon CloudWatch log events from the most recent log stream within the rds/mysql-db log group. Inspect the log events.
- C. Retrieve the AWS X-Ray trace summaries. Filter by services with the name mysql-db. Inspect the ErrorRootCauses values within each summary.
- D. Retrieve the AWS Systems Manager deletions inventory. Filter the inventory by deletions that have a TypeName value of RDS. Inspect the deletion details.
Correct answer: A
Explanation
AWS CloudTrail records API activity within an AWS account, so management events such as DeleteDBInstance can be looked up to identify the IAM identity that initiated the deletion. Amazon CloudWatch logs and AWS X-Ray traces are used for application monitoring and performance debugging, not for auditing administrative API calls. AWS Systems Manager inventory tracks software and configuration states of managed instances, so it cannot provide audit logs for RDS resource deletions.