AWS Certified Solutions Architect – Associate (SAA-C03) — Question 248
A company needs to retain its AWS CloudTrail logs for 3 years. The company is enforcing CloudTrail across a set of AWS accounts by using AWS Organizations from the parent account. The CloudTrail target S3 bucket is configured with S3 Versioning enabled. An S3 Lifecycle policy is in place to delete current objects after 3 years.
After the fourth year of use of the S3 bucket, the S3 bucket metrics show that the number of objects has continued to rise. However, the number of new CloudTrail logs that are delivered to the S3 bucket has remained consistent.
Which solution will delete objects that are older than 3 years in the MOST cost-effective manner?
Answer options
- A. Configure the organization’s centralized CloudTrail trail to expire objects after 3 years.
- B. Configure the S3 Lifecycle policy to delete previous versions as well as current versions.
- C. Create an AWS Lambda function to enumerate and delete objects from Amazon S3 that are older than 3 years.
- D. Configure the parent account as the owner of all objects that are delivered to the S3 bucket.
Correct answer: B
Explanation
Option B is correct. Because S3 Versioning is enabled, the existing Lifecycle policy deletes only current objects, so previous versions stay in the bucket and the object count keeps rising. Configuring the S3 Lifecycle policy to delete previous versions as well ensures that all versions of objects older than 3 years are removed, which keeps storage costs under control. Option A does not address the existing versions of the objects. Option C may incur additional costs for Lambda execution. Option D does not affect the retention policy or the deletion of older objects.
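The check below is an added example, not part of the original question: it audits Lifecycle rules, in the shape boto3's `get_bucket_lifecycle_configuration` returns under `Rules`, for the gap described above, where a versioned bucket expires current objects but never deletes noncurrent versions. The rule IDs, the `AWSLogs/` prefix, the 1-day noncurrent window and the conversion of 3 years to 1095 days are assumptions made for illustration.

```python
RETENTION_DAYS = 3 * 365  # the page's 3-year retention expressed in days (assumption)

def _prefix(rule):
    """Key prefix a rule applies to; None if it uses tag, size or And filters."""
    flt = rule.get("Filter")
    if flt is None:
        return rule.get("Prefix", "")      # legacy top-level Prefix form
    if set(flt) - {"Prefix"}:
        return None                         # other filter types are not modelled here
    return flt.get("Prefix", "")

def _removes_noncurrent(rule):
    return "NoncurrentDays" in rule.get("NoncurrentVersionExpiration", {})

def audit_lifecycle(rules, versioning_enabled):
    """Return IDs of enabled rules that expire current objects on a versioned
    bucket while no enabled rule permanently deletes the noncurrent versions."""
    if not versioning_enabled:
        return []                           # unversioned: Expiration really deletes
    enabled = [r for r in rules if r.get("Status") == "Enabled"]
    # Prefixes for which some rule already deletes noncurrent versions.
    covered = [p for p in (_prefix(r) for r in enabled if _removes_noncurrent(r))
               if p is not None]
    findings = []
    for rule in enabled:
        exp = rule.get("Expiration", {})
        if "Days" not in exp and "Date" not in exp:
            continue                        # rule does not expire current objects
        if _removes_noncurrent(rule):
            continue                        # same rule handles previous versions
        p = _prefix(rule)
        if p is None or not any(p.startswith(c) for c in covered):
            findings.append(rule.get("ID", "<no id>"))
    return findings

# Constructed sample rules: the policy from the question, then option B applied.
WEAK = [{"ID": "expire-current", "Status": "Enabled",
         "Filter": {"Prefix": "AWSLogs/"},
         "Expiration": {"Days": RETENTION_DAYS}}]
FIXED = [{**WEAK[0], "ID": "expire-all-versions",
          "NoncurrentVersionExpiration": {"NoncurrentDays": 1}}]

if __name__ == "__main__":
    print("weak :", audit_lifecycle(WEAK, versioning_enabled=True))
    print("fixed:", audit_lifecycle(FIXED, versioning_enabled=True))
```

Rules that use tag or size filters are reported conservatively unless they carry their own `NoncurrentVersionExpiration`.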