What should a solutions architect do to meet this requirement?
Store the uploaded documents in an Amazon S3 bucket with S3 Versioning and S3 Object Lock enabled.
Store the uploaded documents in an Amazon S3 bucket. Configure an S3 Lifecycle policy to archive the documents periodically.
Store the uploaded documents in an Amazon S3 bucket with S3 Versioning enabled. Configure an ACL to restrict all access to read-only.
Store the uploaded documents on an Amazon Elastic File System (Amazon EFS) volume. Access the data by mounting the volume in read-only mode.
Explanations:
Enabling S3 Versioning ensures that each version of an object is preserved, and S3 Object Lock in compliance mode prevents modification or deletion of documents, meeting the regulatory requirement.
S3 Lifecycle policies are used to automate transitions between storage classes but do not prevent modification or deletion of objects. This does not fulfill the requirement of preventing changes after storage.
While S3 Versioning is enabled, the ACL to restrict read-only access does not guarantee that documents cannot be deleted or modified. S3 Versioning alone is needed to preserve data integrity.
Amazon EFS does not offer features such as versioning or object locking, making it unsuitable for the requirement of preventing modifications or deletions of documents. EFS is designed for file-based storage, not for immutable object storage.
I systematize that the answer is:
Store the uploaded documents in an Amazon S3 bucket with S3 Versioning and S3 Object Lock enabled.