What should the Administrator do with the weekly archive?
Upload the file to Amazon S3 through the AWS Management Console and apply a lifecycle policy to change the storage class to Amazon Glacier.
Upload the archive to the Amazon Glacier with the AWS CLI and enable Vault Lock.
Create a Linux EC2 instance with an encrypted Amazon EBS volume and copy each weekly archive file for this instance.
Create a file gateway attached to a file share on an S3 bucket with the storage class S3 Infrequent Access. Upload the archives via the gateway.
Explanations:
While Amazon S3 can be used for storing large files and applying lifecycle policies, using S3 alone does not ensure immutability and protection against deletions and modifications. Amazon Glacier is more appropriate for long-term storage but requires additional steps for legal compliance.
Uploading the archive directly to Amazon Glacier and enabling Vault Lock ensures that the data is immutable and cannot be deleted or modified for a specified retention period. This meets the legal requirements for data preservation and offers cost-effective long-term storage.
Creating a Linux EC2 instance with an encrypted EBS volume does not prevent the administrator from accidentally deleting or modifying the files. Additionally, the retrieval process may still be cumbersome and inefficient for large archives. This option does not provide the necessary data immutability or compliance with legal requirements.
Using a file gateway with S3 Infrequent Access allows for some flexibility in data management but does not provide the required immutability and protection against deletions or modifications. This option is not suitable for legal compliance and could lead to potential data loss.