AWS Certified Cloud Practitioner — Question 762

A company wants to push VPC Flow Logs to an Amazon S3 bucket.

Which action is the company’s responsibility?

Answer options

• A. Managing the infrastructure that runs the S3 bucket
• B. Managing the data in transit
• C. Managing the encryption options on the S3 bucket
• D. Managing the operating system updates on the S3 bucket

Correct answer: C

Explanation

Under the AWS Shared Responsibility Model, AWS manages the underlying infrastructure, physical hardware, and operating system updates for managed services like Amazon S3. The customer is responsible for configuring security settings and data protection, which includes managing the encryption options on the S3 bucket. Therefore, option C is correct, while options A, B, and D are responsibilities handled entirely by AWS.