An administrator is running a large deployment of AWS resources that are spread across several AWS Regions.
They would like to keep track of configuration changes on all the resources and maintain a configuration inventory.
What is the best service they can use?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - D.
AWS Config will meet the scenario requirements.
The service allows the administrator to monitor and record configuration changes on AWS resources in their account.
The service also allows the administrator to create a resource configuration inventory.
https://aws.amazon.com/config/Option A is incorrect because AWS CloudFormation will allow the administrator to create templates of resources such as EC2 instances and RDS instances but not the actual configurations in these resources.
Option B is incorrect because Templates and Stacks form the basis of AWS CloudFormation.
They aid in the automated deployment of whole environments but not the applications that run in them.
Option C is incorrect because AWS Backup is a fully managed service that allows the administrator to back up data in the cloud and on-premises.
The service is not the most appropriate to monitor and record resource configuration changes.
The best service an administrator can use to keep track of configuration changes on all the resources and maintain a configuration inventory in a large deployment of AWS resources that are spread across several AWS Regions is AWS Config (Option D).
AWS Config is a fully managed service that provides a detailed view of the resources associated with an AWS account, including how they are configured, how they are related to one another, and how their configurations have changed over time. AWS Config enables continuous monitoring and recording of AWS resource configurations, which can be used for operational troubleshooting, compliance auditing, and security analysis.
With AWS Config, an administrator can set up rules to evaluate the configuration changes and track compliance with policies. If any resources are found to be out of compliance with policies, AWS Config can notify administrators through Amazon SNS, Amazon S3, or AWS Lambda.
AWS CloudFormation (Option A) is a service that allows an administrator to create and manage AWS resources using templates. It is used to provision and deploy a set of resources together in a predictable and repeatable manner.
AWS Backup (Option C) is a fully managed backup service that makes it easy to centralize and automate the backup of data across AWS services. It is used to automate backup policies and schedules, monitor backup activity, and restore data.
Stacks and Templates (Option B) are concepts used in AWS CloudFormation that allow an administrator to provision and manage a collection of related AWS resources together as a single unit. Stacks are created from templates, which are JSON or YAML formatted text files that describe the resources to be provisioned.
While AWS CloudFormation, AWS Backup, and Stacks and Templates can help an administrator manage and deploy AWS resources, they are not specifically designed to provide a detailed view of the configuration changes over time, which is what AWS Config is designed to do.