AWS Certified Solutions Architect – Associate (SAA-C02) — Question 34

A solutions architect is implementing a document review application using an Amazon S3 bucket for storage. The solution must prevent an accidental deletion of the documents and ensure that all versions of the documents are available. Users must be able to download, modify, and upload documents.
Which combination of actions should be taken to meet these requirements? (Choose two.)

Answer options

• A. Enable a read-only bucket ACL.
• B. Enable versioning on the bucket.
• C. Attach an IAM policy to the bucket.
• D. Enable MFA Delete on the bucket.
• E. Encrypt the bucket using AWS KMS.

Correct answer: B, D

Explanation

Enabling versioning on the bucket (option B) allows all versions of the documents to be retained, preventing data loss from accidental deletions. Activating MFA Delete (option D) adds an extra layer of security that requires multi-factor authentication for delete operations, thus further protecting the documents from unintended removal. The other options do not meet the requirements for preventing deletion or ensuring version availability.