Here are my thoughts on this:
CloudTrail is used for auditing purposes.
In AWS documentation, it’s clearly mentioned that "AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account.
With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.
CloudTrail provides an event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services.
This event history simplifies security analysis, resource change tracking, and troubleshooting."
So it’s mainly used to track changes to resources and record the user activity on your AWS account. So, it’s not a valid option here.
There are no metrics available in CloudWatch to track IP add an EC2 instance. So, it’s not a valid option.
You can see all available metrics in AWS CloudWatch Here
Trusted Advisor works at AWS account level and it provides the best practices. So, this is not suitable here.
VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.
AWS says that "Flow logs can help you with a number of tasks; for example, to troubleshoot why specific traffic is not reaching an instance, which in turn helps you diagnose overly restrictive security group rules.
You can also use flow logs as a security tool to monitor the traffic that is reaching your instance." So it’s a correct and valid option based on the mentioned requirement.
Feedback is welcome :)
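As an added illustration of the flow-log point above (example code, not part of the original post or of any AWS tooling), this parses records in the default VPC Flow Log field order and summarises which sources reached an instance and which ports were rejected; the log lines, account id, ENI id and addresses are constructed placeholders.

```python
# Added example (not from the original post): parse VPC Flow Log records in
# the default v2 field order and summarise traffic reaching one instance.
from collections import defaultdict

# Default format: version account-id interface-id srcaddr dstaddr srcport
# dstport protocol packets bytes start end action log-status
DEFAULT_FIELDS = ("version account_id interface_id srcaddr dstaddr srcport "
                  "dstport protocol packets bytes start end action log_status").split()

# Constructed sample records; the ENI id, account id and addresses are placeholders.
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d4e5f67890 203.0.113.5 10.0.1.20 51234 22 6 12 1800 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d4e5f67890 198.51.100.7 10.0.1.20 43210 3389 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f67890 198.51.100.7 10.0.1.20 43211 445 6 2 120 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f67890 10.0.1.20 203.0.113.5 22 51234 6 10 2400 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d4e5f67890 - - - - - - - 1700000000 1700000060 - NODATA
"""

def parse_records(text):
    """Yield one dict per well-formed record; skip NODATA/SKIPDATA lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != len(DEFAULT_FIELDS):
            continue  # malformed line or a custom (non-default) format
        rec = dict(zip(DEFAULT_FIELDS, parts))
        if rec["log_status"] == "OK":
            yield rec

def inbound_summary(text, instance_ip):
    """ACCEPT/REJECT flow counts per source address for traffic whose
    destination is instance_ip (i.e. the traffic reaching the instance)."""
    summary = defaultdict(lambda: {"ACCEPT": 0, "REJECT": 0})
    for rec in parse_records(text):
        if rec["dstaddr"] == instance_ip:
            summary[rec["srcaddr"]][rec["action"]] += 1
    return dict(summary)

def rejected_ports(text, instance_ip):
    """Destination ports rejected on the way to instance_ip; a starting point
    when diagnosing overly restrictive security group or NACL rules."""
    return sorted({int(r["dstport"]) for r in parse_records(text)
                   if r["dstaddr"] == instance_ip and r["action"] == "REJECT"})

if __name__ == "__main__":
    print(inbound_summary(SAMPLE_LOG, "10.0.1.20"))
    print(rejected_ports(SAMPLE_LOG, "10.0.1.20"))
```

Real logs delivered to CloudWatch Logs or S3 use the same whitespace-separated record layout, so the same parser applies line by line as long as the flow log was created with the default format.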