Which solution will meet these requirements with the LEAST operational overhead?

By:
On:
In: SAA-C03
Tagged:
With: 0 Comments
A company stores data in PDF format in an Amazon S3 bucket.The company must follow a legal requirement to retain all new and existing data in Amazon S3 for 7 years.

Which solution will meet these requirements with the LEAST operational overhead?

Turn on the S3 Versioning feature for the S3 bucket. Configure S3 Lifecycle to delete the data after 7 years. Configure multi-factor authentication (MFA) delete for all S3 objects.

Turn on S3 Object Lock with governance retention mode for the S3 bucket. Set the retention period to expire after 7 years. Recopy all existing objects to bring the existing data into compliance.

Turn on S3 Object Lock with compliance retention mode for the S3 bucket. Set the retention period to expire after 7 years. Recopy all existing objects to bring the existing data into compliance.

Turn on S3 Object Lock with compliance retention mode for the S3 bucket. Set the retention period to expire after 7 years. Use S3 Batch Operations to bring the existing data into compliance.

Explanations:

S3 Versioning with a Lifecycle policy to delete after 7 years does not enforce a legal hold. MFA delete provides extra security but does not ensure retention compliance.

Governance mode allows privileged users to bypass retention if needed, which does not fully meet strict compliance requirements.

Compliance mode is appropriate for retention, but manually recopying all objects adds unnecessary operational overhead.

Compliance mode enforces retention without bypass, and S3 Batch Operations can apply retention settings to all existing objects efficiently, minimizing operational work.

Leave a Reply

Your email address will not be published. Required fields are marked *

fourteen + 15 =