Which solution will meet these requirements with the LEAST development effort?
Change the IAM policy of the user to deny EBS snapshot deletion.
Copy the EBS snapshots to another AWS Region after completing the snapshots daily.
Create a 7-day EBS snapshot retention rule in Recycle Bin and apply the rule for all snapshots.
Copy EBS snapshots to Amazon S3 Standard-Infrequent Access (S3 Standard-IA).
Explanations:
Changing the IAM policy to deny EBS snapshot deletion would prevent any user with that policy from deleting snapshots, but it does not solve the underlying issue of accidental deletions through scripts. It also might cause operational challenges if snapshots need to be managed or cleaned up.
Copying EBS snapshots to another AWS Region does provide redundancy, but it introduces additional complexity and does not directly prevent the loss of snapshots in the original region. This solution also requires more management overhead and cost considerations.
Creating a 7-day EBS snapshot retention rule in the Recycle Bin provides a straightforward method to protect against accidental deletions. It allows for a defined retention period where snapshots are recoverable, minimizing the risk of permanent data loss while not retaining snapshots indefinitely.
Copying EBS snapshots to Amazon S3 Standard-IA does not directly prevent data loss, as the original EBS snapshots would still be subject to deletion. Moreover, it complicates the architecture without addressing the core issue of accidental deletions within the EBS environment.