A company's DevOps team launches a WorkSpace using Amazon WorkSpaces for each new user. Recently, the Security team said that WorkSpaces for these new users are not consistently being tagged. Company policy requires that all WorkSpaces be tagged with USERNAME automatically upon creation.
Which combination of steps should the DevOps Engineer take to address this requirement? (Choose two.)
A. Add an AWS Lambda function policy allowing cloudtrail.amazonaws.com to use the lambda:InvokeFunction action.
B. Create a new Amazon CloudWatch Events event pattern rule based on Amazon WorkSpaces with an AWS API Call via CloudTrail event type. Select the CreateWorkspaces operation, and target an AWS Lambda function that will tag the Workspace.
C. Ensure AWS CloudTrail is enabled in all Regions where WorkSpaces are created.
D. Enable custom tagging for Amazon WorkSpaces from the directory details.
E. Create a new Amazon CloudWatch Events scheduled event rule based on Amazon WorkSpaces with an interval of 1 minute. Target an AWS Lambda function that will tag the Workspace.
Which combination of steps should the DevOps Engineer take to address this requirement? (Choose two.)
A. Add an AWS Lambda function policy allowing cloudtrail.amazonaws.com to use the lambda:InvokeFunction action.
B. Create a new Amazon CloudWatch Events event pattern rule based on Amazon WorkSpaces with an AWS API Call via CloudTrail event type. Select the CreateWorkspaces operation, and target an AWS Lambda function that will tag the Workspace.
C. Ensure AWS CloudTrail is enabled in all Regions where WorkSpaces are created.
D. Enable custom tagging for Amazon WorkSpaces from the directory details.
E. Create a new Amazon CloudWatch Events scheduled event rule based on Amazon WorkSpaces with an interval of 1 minute. Target an AWS Lambda function that will tag the Workspace.