AWS Certified Solutions Architect – Associate (SAA-C03) — Question 96

A company has a production web application in which users upload documents through a web interface or a mobile app. According to a new regulatory requirement. new documents cannot be modified or deleted after they are stored.
What should a solutions architect do to meet this requirement?

Answer options

• A. Store the uploaded documents in an Amazon S3 bucket with S3 Versioning and S3 Object Lock enabled.
• B. Store the uploaded documents in an Amazon S3 bucket. Configure an S3 Lifecycle policy to archive the documents periodically.
• C. Store the uploaded documents in an Amazon S3 bucket with S3 Versioning enabled. Configure an ACL to restrict all access to read-only.
• D. Store the uploaded documents on an Amazon Elastic File System (Amazon EFS) volume. Access the data by mounting the volume in read-only mode.

Correct answer: A

Explanation

The correct answer is A because enabling S3 Versioning and S3 Object Lock allows documents to be stored in a way that prevents them from being modified or deleted, thus meeting the regulatory requirement. Option B does not prevent modifications, as archiving does not imply immutability. Option C also does not prevent deletion, as it only restricts access to read-only. Option D only provides read-only access but does not ensure that the documents cannot be deleted or modified.