Which combination of steps will meet these requirements MOST cost-effectively?
(Choose two.)
Create an S3 bucket policy that denies the s3:DeleteObject action.
Create an S3 Lifecycle configuration that deletes the messages after 12 months.
Upload the messages to Amazon S3. Use S3 Object Lock in governance mode.
Upload the messages to Amazon S3. Use S3 Object Lock in compliance mode.
Use S3 Inventory. Create an AWS Batch job that periodically scans the inventory and deletes the messages after 12 months.
Explanations:
While creating an S3 bucket policy that denies thes3:DeleteObjectaction prevents objects from being deleted before the retention period ends, it does not address the requirement to automatically delete objects after 12 months.
Creating an S3 Lifecycle configuration that deletes messages after 12 months aligns with the requirement to save messages for 12 months and then remove them, making it a cost-effective solution.
Using S3 Object Lock in governance mode would allow deletion of objects if the appropriate permissions are granted, which does not satisfy the need for retention. It also adds unnecessary complexity and cost for the requirement.
S3 Object Lock in compliance mode ensures that objects cannot be deleted or overwritten for a specified retention period (12 months), thus ensuring compliance with the retention requirement.
While using S3 Inventory to periodically scan and delete messages could theoretically fulfill the requirement, it is more complex and costly than using lifecycle policies. Moreover, it does not provide a direct way to enforce retention like lifecycle configurations or Object Lock.