Certified Security - Specialty


When to use Organization Trail vs collecting trails from all accounts into an S3 bucket?

An external auditor has been commissioned to review activity in your AWS account. She has asked to review all the API events in your account over the next two weeks. Your department currently has 7 AWS accounts and the auditor will need to assess each one. Which of the following options is the best way to configure this?

Configure CloudTrail in each account and send the logs to an S3 bucket in each account. Grant the auditor read-only access to each S3 bucket to read the logs

Configure a new AWS Organization and add all the accounts to the organization, then configure CloudTrail for the primary account and grant the auditor access to read the logs (SELECTED)

Configure CloudWatch in each account and send the logs to an S3 bucket in each account. Grant the auditor read-only access to each S3 bucket to read the logs

Configure CloudTrail in each account and send the logs to a single S3 bucket. Grant the auditor read-only access to the S3 bucket to read the logs

In my opinion, using an AWS organization is always a preferred method with less work and better security.

0 Answers
