Which services can the solutions architect recommend to meet these requirements?

By:
On:
In: SAA-C02
Tagged:
With: 0 Comments
A company is managing health records on-premises.The company must keep these records indefinitely, disable any modifications to the records once they are stored, and granularly audit access at all levels.The chief technology officer (CTO) is concerned because there are already millions of records not being used by any application, and the current infrastructure is running out of space.The CTO has requested a solutions architect design a solution to move existing data and support future records.

Which services can the solutions architect recommend to meet these requirements?

Use AWS DataSync to move existing data to AWS. Use Amazon S3 to store existing and new data. Enable Amazon S3 object lock and enable AWS CloudTrail with data events.

Use AWS Storage Gateway to move existing data to AWS. Use Amazon S3 to store existing and new data. Enable Amazon S3 object lock and enable AWS CloudTrail with management events.

Use AWS DataSync to move existing data to AWS. Use Amazon S3 to store existing and new data. Enable Amazon S3 object lock and enable AWS CloudTrail with management events.

Use AWS Storage Gateway to move existing data to AWS. Use Amazon Elastic Block Store (Amazon EBS) to store existing and new data. Enable Amazon S3 object lock and enable Amazon S3 server access logging.

Explanations:

AWS DataSync is suitable for moving existing data to AWS. Amazon S3 can store data indefinitely, and enabling S3 Object Lock ensures records cannot be modified once stored. AWS CloudTrail with data events allows granular auditing of access at the object level, meeting the requirements for auditability.

AWS Storage Gateway is designed for hybrid cloud storage, but it’s not primarily for moving large volumes of existing data to AWS. While Amazon S3 is suitable for storage and S3 Object Lock meets the modification requirements, enabling CloudTrail with management events does not provide the required granular auditing at the object level.

AWS DataSync can effectively move existing data to AWS and Amazon S3 is a suitable storage solution. However, enabling CloudTrail with management events does not offer the necessary granular auditing of access to individual records, which is required for compliance with health records management.

AWS Storage Gateway is not the best fit for migrating large amounts of existing data to AWS compared to DataSync. Although Amazon EBS could store data, it doesn’t provide indefinite storage capabilities or S3 Object Lock functionality. Furthermore, enabling S3 server access logging does not meet the requirement for granular auditing of access to the records themselves.

Leave a Reply

Your email address will not be published. Required fields are marked *

10 − eight =