AWS Certified Solutions Architect – Associate (SAA-C03) — Question 42

A company hosts its multi-tier applications on AWS. For compliance, governance, auditing, and security, the company must track configuration changes on its AWS resources and record a history of API calls made to these resources.
What should a solutions architect do to meet these requirements?

Answer options

• A. Use AWS CloudTrail to track configuration changes and AWS Config to record API calls.
• B. Use AWS Config to track configuration changes and AWS CloudTrail to record API calls.
• C. Use AWS Config to track configuration changes and Amazon CloudWatch to record API calls.
• D. Use AWS CloudTrail to track configuration changes and Amazon CloudWatch to record API calls.

Correct answer: B

Explanation

The correct answer is B because AWS Config is specifically designed to track configuration changes of AWS resources, while AWS CloudTrail records API calls made to those resources. The other options incorrectly assign the functions, which would not meet the compliance and auditing requirements.