A DevOps engineer is scheduling legacy AWS KMS keys for deletion and has created a remediation AWS Lambda function that will re-enable a key if necessary. The engineer wants to automate this process with available AWS CloudTrail data so, if a key scheduled for deletion is in use, it will be re-enabled. Which solution enables this automation?
A) Create an Amazon CloudWatch Logs metric filter and alarm for KMS events with an error message. Set the remediation Lambda function as the target of the alarm.
B) Create an Amazon CloudWatch Logs metric filter and alarm for KMS events with an error message. Create an Amazon SNS topic as the target of the alarm. Subscribe the remediation Lambda function to the SNS topic.
C) Create an Amazon CloudWatch Events rule pattern looking for KMS service events with an error message. Create an Amazon SNS topic as the target of the rule. Subscribe the remediation Lambda function to the SNS topic.
D) Use Amazon CloudTrail to alert for KMS service events with an error message. Set the remediation Lambda function as the target of the rule.
Correct Answer:
Verified
Q252: After a recent audit, a company decided
Q253: A company is developing a web application's
Q254: A DevOps engineer is deploying a new
Q255: A company wants to use AWS Systems
Q256: A software company wants to automate the
Q258: A company requires its internal business teams
Q259: A company wants to migrate its content
Q260: A company uses AWS Storage Gateway in
Q261: You are responsible for your company's large
Q262: You have an application running on an
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents