AWS Certified Solutions Architect – Associate (SAA-C02) — Question 656

A company must save all the email messages that its employees send to customers for a period of 12 months. The messages are stored in a binary format and vary in size from 1 KB to 20 KB. The company has selected Amazon S3 as the storage service for the messages.
Which combination of steps will meet these requirements MOST cost-effectively? (Choose two.)

Answer options

• A. Create an S3 bucket policy that denies the s3:DeleteObject action.
• B. Create an S3 Lifecycle configuration that deletes the messages after 12 months.
• C. Upload the messages to Amazon S3. Use S3 Object Lock in governance mode.
• D. Upload the messages to Amazon S3. Use S3 Object Lock in compliance mode.
• E. Use S3 Inventory. Create an AWS Batch job that periodically scans the inventory and deletes the messages after 12 months.

Correct answer: B, D

Explanation

S3 Object Lock in compliance mode (Option D) is required to guarantee that stored objects cannot be deleted or overwritten by any user, including the root account, during the defined retention period. To cost-effectively delete the messages after exactly 12 months, S3 Lifecycle configuration (Option B) is the native, automated, and free-of-charge solution. Using governance mode (Option C) or bucket policies (Option A) allows administrators to bypass deletions, while AWS Batch (Option E) introduces unnecessary operational complexity and compute costs.