AWS Certified Security – Specialty (SCS-C02) — Question 287

A company needs to implement data lifecycle management for Amazon RDS snapshots. The company will use AWS Backup to manage the snapshots.

The company must retain RDS automated snapshots for 5 years and will use Amazon S3 for long-term archival storage.

Which solution will meet these requirements?

Answer options

• A. Use AWS Backup to apply a 5-year retention tag to the RDS snapshots.
• B. Enable versioning on the S3 bucket that AWS Backup uses for the RDS snapshots. Configure a 5-year retention period.
• C. Create an S3 Lifecycle policy. Include a 5-year retention period for the S3 bucket that AWS Backup uses for the RDS snapshots.
• D. Create a backup plan in AWS Backup. Configure a 5-year retention period.

Correct answer: D

Explanation

To manage the lifecycle of AWS Backup recovery points, you must configure a backup plan with the desired retention period, which automatically handles transitioning snapshots to colder storage tiers or deleting them after the specified time. Users do not have direct access to manage or apply S3 Lifecycle policies to the underlying S3 buckets used by AWS Backup vaults, making options B and C incorrect. Additionally, simply applying a tag as suggested in option A does not enforce retention rules without a defined backup plan.