AWS Certified Advanced Networking - Specialty Exam: Automating Resource Creation and Alerting


Question

You design CloudFormation templates which are used to provision infrastructure for your company's account.

This is the primary way in which resources can be created.

In addition, the company wants automated alerts if any resources get created outside of CloudFormation.

Choose 3 services from the below list that can help accomplish this.

Answers


A. B. C. D. E. F.

Answer - A, B and C.

The AWS Config service is specifically used for this purpose.

Any resource change can trigger a Lambda function and a notification via the SNS service.

The AWS documentation says the following about the AWS Config service.

AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.

Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.

With Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines.

This enables you to simplify compliance auditing, security analysis, change management, and operational troubleshooting.

Option D is invalid because CloudFormation is already used as a service in the question.

Option E is invalid because this is used for creating stacks of resources like CloudFormation.

Option F is invalid because this will not give a trail of what resources got created.

For more information on the AWS Config service, please refer to the below URL.

https://aws.amazon.com/config/

The question is asking for three AWS services that can be used to send automated alerts when resources are created outside of CloudFormation templates.

Here are detailed explanations of the three correct answers:

  1. AWS Config: AWS Config is a fully managed service that provides a detailed inventory of resources in an AWS account and tracks changes to those resources over time. AWS Config can be used to continuously monitor the account for compliance with best practices and security requirements, and it can send alerts when resources are created or changed outside of CloudFormation templates. By using AWS Config, you can enforce compliance policies and ensure that all resources are created and managed in accordance with company standards.

  2. AWS Lambda: AWS Lambda is a serverless compute service that allows you to run code in response to events, such as the creation of new resources in an AWS account. By using Lambda, you can create custom scripts or functions that are triggered whenever a new resource is created or modified outside of CloudFormation templates. Lambda can then send automated alerts or perform other actions, such as updating AWS Config records or modifying security groups.

  3. Simple Notification Service (SNS): Simple Notification Service is a fully managed messaging service that enables the creation and delivery of notifications. SNS can be used to send alerts via email, SMS, or other messaging protocols when new resources are created or modified outside of CloudFormation templates. By using SNS, you can set up customized alerts for different types of resources and ensure that the appropriate personnel are notified immediately when new resources are created.
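How the three services fit together, as an added example that is not part of the original page: a Lambda handler for an AWS Config custom rule that treats a missing `aws:cloudformation:stack-id` tag on a newly discovered resource as the sign that it was created outside CloudFormation, and publishes an alert to SNS. The tag heuristic (it only works for resource types that support tags), the `ALERT_TOPIC_ARN` environment variable, the injectable `publish` parameter and the sample event are assumptions of this example.

```python
import json
import os

# Tag that CloudFormation adds automatically to taggable resources it creates.
CFN_TAG = "aws:cloudformation:stack-id"

def find_unmanaged(event):
    """Return alert details for a newly recorded resource that carries no
    CloudFormation stack tag, or None when there is nothing to report."""
    invoking = json.loads(event["invokingEvent"])  # Config passes a JSON string
    if invoking.get("messageType") != "ConfigurationItemChangeNotification":
        return None
    item = invoking["configurationItem"]
    if item.get("configurationItemStatus") != "ResourceDiscovered":
        return None  # updates and deletions are not new resources
    if CFN_TAG in (item.get("tags") or {}):
        return None  # created by a CloudFormation stack
    return {
        "resourceType": item["resourceType"],
        "resourceId": item["resourceId"],
        "account": item.get("awsAccountId"),
        "region": item.get("awsRegion"),
        "capturedAt": item.get("configurationItemCaptureTime"),
    }

def lambda_handler(event, context, publish=None):
    """Lambda entry point; `publish` is injectable so the logic runs offline."""
    alert = find_unmanaged(event)
    if alert is None:
        return None
    if publish is None:  # real invocation: use the SNS client
        import boto3
        publish = boto3.client("sns").publish
    publish(
        TopicArn=os.environ["ALERT_TOPIC_ARN"],  # assumed environment variable
        Subject="Resource created outside CloudFormation",
        Message=json.dumps(alert, indent=2),
    )
    return alert

def sample_event(tags, status="ResourceDiscovered"):
    """Constructed Config custom-rule event (not captured from a real account)."""
    item = {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-EXAMPLE",
            "awsAccountId": "111122223333", "awsRegion": "us-east-1",
            "configurationItemStatus": status, "tags": tags,
            "configurationItemCaptureTime": "2024-01-01T00:00:00.000Z"}
    return {"invokingEvent": json.dumps(
        {"messageType": "ConfigurationItemChangeNotification", "configurationItem": item})}
```

A Lambda deployed behind a Config custom rule would also report a compliance result back to Config; that step is left out here to keep the focus on detection and alerting.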

Here are brief explanations of the incorrect answers:

  • CloudFormation: This is the service used to provision infrastructure, but it cannot be used to send automated alerts when resources are created outside of CloudFormation templates.

  • OpsWorks: This is a configuration management service that can be used to deploy and manage applications, but it does not have any features for sending alerts when new resources are created outside of CloudFormation templates.

  • CloudWatch Logs: This is a logging service that can be used to monitor and analyze logs generated by AWS resources, but it does not have any features for sending alerts when new resources are created outside of CloudFormation templates.