AWS Certified Solutions Architect – Associate (SAA-C03) — Question 482

A company wants to send all AWS Systems Manager Session Manager logs to an Amazon S3 bucket for archival purposes.

Which solution will meet this requirement with the MOST operational efficiency?

Answer options

• A. Enable S3 logging in the Systems Manager console. Choose an S3 bucket to send the session data to.
• B. Install the Amazon CloudWatch agent. Push all logs to a CloudWatch log group. Export the logs to an S3 bucket from the group for archival purposes.
• C. Create a Systems Manager document to upload all server logs to a central S3 bucket. Use Amazon EventBridge to run the Systems Manager document against all servers that are in the account daily.
• D. Install an Amazon CloudWatch agent. Push all logs to a CloudWatch log group. Create a CloudWatch logs subscription that pushes any incoming log events to an Amazon Kinesis Data Firehose delivery stream. Set Amazon S3 as the destination.

Correct answer: A

Explanation

Enabling S3 logging directly within the AWS Systems Manager console is the most operationally efficient solution because it is a native, built-in feature that requires no additional agents, custom scripts, or external streaming services. Other options involving CloudWatch agents, Kinesis Data Firehose, or custom Systems Manager documents introduce unnecessary architectural complexity, maintenance overhead, and extra costs.