A company’s security information events management (SIEM) tool receives new AWS CloudTrail logs from an Amazon S3 bucket that is configured to send all object created event notifications to an Amazon SNS topic. An Amazon SQS queue is subscribed to this SNS topic. The company’s SIEM tool then polls this SQS queue for new messages using an IAM role and fetches new log events from the S3 bucket based on the SQS messages.
After a recent security review that resulted in restricted permissions, the SIEM tool has stopped receiving new CloudTrail logs.
Which of the following are possible causes of this issue? (Choose three.)
A. The SQS queue does not allow the SQS:SendMessage action from the SNS topic.
B. The SNS topic does not allow the SNS:Publish action from Amazon S3.
C. The SNS topic is not delivering raw messages to the SQS queue.
D. The S3 bucket policy does not allow CloudTrail to perform the PutObject action.
E. The IAM role used by the SIEM tool does not have permission to subscribe to the SNS topic.
F. The IAM role used by the SIEM tool does not allow the SQS:DeleteMessage action.
After a recent security review that resulted in restricted permissions, the SIEM tool has stopped receiving new CloudTrail logs.
Which of the following are possible causes of this issue? (Choose three.)
A. The SQS queue does not allow the SQS:SendMessage action from the SNS topic.
B. The SNS topic does not allow the SNS:Publish action from Amazon S3.
C. The SNS topic is not delivering raw messages to the SQS queue.
D. The S3 bucket policy does not allow CloudTrail to perform the PutObject action.
E. The IAM role used by the SIEM tool does not have permission to subscribe to the SNS topic.
F. The IAM role used by the SIEM tool does not allow the SQS:DeleteMessage action.