Answer-first summary for fast verification
Answer: Configure an S3 Lifecycle rule on the S3 bucket to expire objects that have been in the S3 bucket for 72 hours.
The correct answer is B. Configuring an S3 Lifecycle rule on the S3 bucket to expire objects that have been in the S3 bucket for 72 hours is the most appropriate solution. S3 Lifecycle policies are specifically designed to manage objects in your S3 buckets according to your requirements. This is a built-in feature of Amazon S3 and is straightforward to implement, providing a reliable and automated way to ensure that objects are deleted after 72 hours. Other options, such as using Amazon Macie (A), EventBridge with Lambda (C), or S3 Intelligent-Tiering (D), are either not designed specifically for this purpose or overly complicated for this scenario.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A company is partnering with a vendor to process customer data. The company uploads sensitive data files as objects into an Amazon S3 bucket, from which the vendor downloads the objects for processing. A security engineer needs to ensure that these objects do not remain in the S3 bucket for more than 72 hours. Which solution should the security engineer implement to meet this requirement?
A
Use Amazon Macie to scan the S3 bucket for sensitive data every 72 hours. Configure Macie to delete the objects that contain sensitive data when they are discovered.
B
Configure an S3 Lifecycle rule on the S3 bucket to expire objects that have been in the S3 bucket for 72 hours.
C
Create an Amazon EventBridge scheduled rule that invokes an AWS Lambda function every day. Program the Lambda function to remove any objects that have been in the S3 bucket for 72 hours.
D
Use the S3 Intelligent-Tiering storage class for all objects that are uploaded to the S3 bucket. Use S3 Intelligent-Tiering to expire objects that have been in the S3 bucket for 72 hours.
No comments yet.