You are trying to debug your Lambda function; however, you notice that you are not receiving data-level events from either Lambda or S3. What could be the reason for this? (Select 2)
a- Your function does not have permission to write data events and you need to enable cross origin resource sharing to allow S3 to send data events to CloudTrail
b- Your function does not have permission to write data events to CloudWatch, or your S3 bucket is not authorized to log data events to CloudWatch
c- Data events are disabled by default
d- You need to enable data events in Lambda and S3
e- You need to enable data events in CloudWatch
I initially thought the same – and that the answers would be B & D. However, the question is worded in a slightly tricky way – Data Events aren’t enabled in S3 or Lambda – they’re enabled in CloudTrail for those services. So the answer would be B & C.
This question appears designed to ensure you can differentiate between CloudWatch and CloudTrail. Both C and D are true statements. B is false, S3 doesn’t get authorized to log data to CloudWatch (this should be CloudTrail). E is false for the same reason. A is also false because CORS doesn’t have anything to do with S3 Data events logging to send to CloudTrail.
I think that B should say "CloudTrail" and that a mistake was made when typing the answers. The question description even says: "Data events provide insight into the resource operations performed on or within a resource, these events are often high-volume activities. Example data events include S3 object-level API activity and Lambda function execution activity, the Invoke API. Data events are disabled by default when you create a trail. To record CloudTrail data events, you must explicitly add the supported resources or resource types for which you want to collect activity to a trail."
My answers are B, C and D. In my case I find that C and D are technically the same; am I wrong?
D isn’t correct. Data events are enabled in CloudTrail, not Lambda or S3.
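The thread's conclusion is that data events are switched on per trail in CloudTrail, so the thing to inspect is the trail's event selectors. The following is an added example, not part of the original thread: a small checker over constructed samples shaped like `aws cloudtrail get-event-selectors` output, reporting which of S3 and Lambda still have no data events recorded. The function names and the sample trails are hypothetical.

```python
# Constructed samples shaped like `aws cloudtrail get-event-selectors` output.
# A newly created trail: management events only, no data resources.
DEFAULT_TRAIL = {
    "EventSelectors": [
        {"ReadWriteType": "All", "IncludeManagementEvents": True,
         "DataResources": []},
    ]
}
# Basic selectors after data events were added for all S3 objects and functions.
BASIC_ENABLED = {
    "EventSelectors": [
        {"ReadWriteType": "All", "IncludeManagementEvents": True,
         "DataResources": [
             {"Type": "AWS::S3::Object", "Values": ["arn:aws:s3"]},
             {"Type": "AWS::Lambda::Function", "Values": ["arn:aws:lambda"]},
         ]},
    ]
}
# Advanced selectors that cover Lambda invocations only.
ADVANCED_LAMBDA_ONLY = {
    "AdvancedEventSelectors": [
        {"Name": "lambda-data-events", "FieldSelectors": [
            {"Field": "eventCategory", "Equals": ["Data"]},
            {"Field": "resources.type", "Equals": ["AWS::Lambda::Function"]},
        ]},
    ]
}

def data_event_types(selectors):
    """Return the resource types this trail records data events for."""
    types = set()
    for sel in selectors.get("EventSelectors") or []:
        for res in sel.get("DataResources") or []:
            if res.get("Values"):  # this checker treats no Values as no coverage
                types.add(res["Type"])
    for sel in selectors.get("AdvancedEventSelectors") or []:
        fields = {f["Field"]: f for f in sel.get("FieldSelectors") or []}
        if "Data" in fields.get("eventCategory", {}).get("Equals", []):
            types.update(fields.get("resources.type", {}).get("Equals", []))
    return types

def missing_data_events(selectors,
                        wanted=("AWS::S3::Object", "AWS::Lambda::Function")):
    """List the wanted resource types the trail is NOT logging data events for."""
    return sorted(set(wanted) - data_event_types(selectors))

for name, trail in [("default", DEFAULT_TRAIL), ("basic", BASIC_ENABLED),
                    ("advanced", ADVANCED_LAMBDA_ONLY)]:
    print(name, "missing:", missing_data_events(trail))
```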