Question #1052
A marketing firm uses Amazon SES to send email campaigns. They need to log email open and click events for compliance audits. The solution must allow querying based on recipient, timestamp, and event type. Which combination of steps should be taken? (Choose two.)
Create an Amazon SES configuration set with Amazon Kinesis Data Firehose as the destination. Configure Kinesis Data Firehose to deliver logs to an Amazon S3 bucket.
Enable AWS CloudTrail logging for SES and specify an S3 bucket for log storage.
Use Amazon Athena to query the logs in the S3 bucket for recipient, timestamp, and event type.
Create an Amazon CloudWatch Log group and configure SES to send logs to it.
Use Amazon CloudWatch Logs Insights to query the logs for the required fields.
Explanation
A. SES configuration sets route email event data (opens/clicks) to Kinesis Data Firehose, which streams logs to S3 for durable storage. This meets the logging requirement.
C. Amazon Athena queries structured logs in S3 using SQL, enabling filtering by recipient, timestamp, and event type for compliance audits.
Why others are incorrect:
- B: CloudTrail logs API calls, not SES email events.
- D/E: CloudWatch Logs captures metrics, not granular SES event details, and lacks Athena's query flexibility.
Key Points:
1. SES configuration sets + Kinesis Firehose enable event logging.
2. Athena is ideal for querying S3 logs with SQL.
Answer
The correct answer is: AC