A company has two AWS accounts in the same AWS Region. One account is a publisher account…

Question

A company has two AWS accounts in the same AWS Region. One account is a publisher account, and the other account is a subscriber account. Each account has its own Amazon S3 bucket.
An application puts media objects into the publisher account's S3 bucket. The objects are encrypted with server-side encryption with customer-provided encryption keys (SSE-C). The company needs a solution that will automatically copy the objects to the subscriber's account's S3 bucket.
Which solution will meet these requirements with the LEAST operational overhead?

Accepted Answer

Correct answer: A. A. Enable S3 Versioning on the publisher account's S3 bucket. Configure S3 Same-Region Replication of the objects to the subscriber account's S3 bucket. — S3 Same-Region Replication (SRR) is a fully managed feature that automatically replicates objects, including those encrypted with SSE-C, between buckets with minimal operational overhead. Options B and C require writing, maintaining, and scaling custom AWS Lambda code, which introduces unnecessary development and maintenance effort. Option D relies on manual intervention via the S3 console, which fails to meet the requirement for an automated solution with minimal operational overhead.

AWS Certified Solutions Architect – Associate (SAA-C02) — Question 766

Answer options

Correct answer: A

Explanation