Explanation

For retaining audit logs for 3 years at the lowest cost, Coldline Storage is the correct choice. Here's why:

Storage Class Comparison:

1. Cloud Logging only - Not suitable for long-term retention as logs in Cloud Logging have limited retention periods (default 30 days, configurable up to 365 days for some log types).
2. Nearline Storage - Designed for data accessed less than once a month, with 30-day minimum storage duration.
3. Coldline Storage - Designed for data accessed less than once a year, with 90-day minimum storage duration and the lowest storage costs for long-term retention.
4. Pub/Sub - A messaging service, not a storage solution for long-term retention.

Cost Analysis:

• Coldline Storage has the lowest storage costs among Google Cloud's storage classes for data that needs to be retained for years.
• For 3-year retention, Coldline Storage provides the most cost-effective solution.

Compliance Considerations:

• Audit logs often have regulatory requirements for long-term retention.
• Coldline Storage provides durable, secure storage with appropriate access controls for compliance purposes.

Best Practice:

Export audit logs from Cloud Logging to Cloud Storage using a Coldline Storage bucket for long-term retention at minimal cost.