Correct Answer – B
The AWS Documentation mentions the following:
VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow log data is stored using Amazon CloudWatch Logs. After you've created a flow log, you can view and retrieve its data in Amazon CloudWatch Logs.
For more information on VPC Flow Logs, please visit the following URL:
https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html
Option A is INCORRECT because AWS Trusted Advisor inspects your AWS environment and helps you follow AWS best practices to save money, improve system performance and reliability, and close security gaps.
Option C is INCORRECT because CloudWatch Metrics are mainly used for performance metrics and cannot provide the source IP addresses.
Option D is INCORRECT because AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. However, it is costly to use CloudTrail.
https://aws.amazon.com/about-aws/whats-new/2018/08/aws-cloudtrail-adds-vpc-endpoint-support-to-aws-privatelink/