Services to Monitor Infrastructure Changes

Answer - D.

The AWS documentation mentions the following.

AWS Config provides a detailed view of the configuration of AWS resources in your AWS account.

This includes how the resources are related to one another and how they were configured in the past so that you can see how the configurations and relationships change over time.

For more information on AWS Config, please refer to the below URL:

All the services listed in the answers are AWS services that can be used to monitor changes to your infrastructure. However, each service has its own specific use cases, which we'll explore in detail below.

A. AWS CloudTrail: AWS CloudTrail is a service that provides a record of actions taken by a user, role, or an AWS service in your AWS account. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. CloudTrail captures API calls made by or on behalf of your AWS account and delivers the log files to an Amazon S3 bucket that you specify. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.

B. AWS CloudWatch: AWS CloudWatch is a monitoring and observability service that provides data and actionable insights for AWS resources, applications, and services. CloudWatch collects and tracks metrics, collect and monitor log files, and set alarms. It provides you with visibility into resource utilization, operational performance, and overall health. CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon RDS DB instances, and Amazon EMR clusters, as well as custom metrics generated by your applications and services, and any log files your applications generate.

C. AWS CloudWatch Logs: AWS CloudWatch Logs is a service for ingesting and storing log data from your applications and services. CloudWatch Logs makes it easy to centralize log data from multiple sources, including AWS resources, applications, and services. With CloudWatch Logs, you can monitor, store, and access log files from EC2 instances, AWS CloudTrail, and other AWS services. You can also use CloudWatch Logs to monitor and troubleshoot issues, detect patterns, and gain insights into your applications and services.

D. AWS Config: AWS Config is a service that provides you with a detailed inventory of your AWS resources and configurations, along with the history of changes made to them. AWS Config continuously monitors and records the configurations of your AWS resources, including EC2 instances, VPCs, IAM users and roles, and other resources. It also provides a change history for each resource, which you can use to troubleshoot issues, audit changes, and ensure compliance with regulatory requirements.

In conclusion, all of the listed services can be used to monitor changes to your infrastructure. AWS CloudTrail logs all API calls made in your AWS account, AWS CloudWatch monitors your resources and applications, AWS CloudWatch Logs monitors your log files, and AWS Config tracks your resource configurations and change history. The choice of service(s) you use depends on your specific use case and requirements.