Answer: Enable S3 logging in the Systems Manager console. Choose an S3 bucket to send the session data to.

## Explanation **Correct Answer: A** **Why Option A is correct:** 1. **Direct S3 Logging**: AWS Systems Manager Session Manager has a built-in feature to send session logs directly to an S3 bucket. This is the most operationally efficient solution because: - It's a native feature requiring minimal configuration - No additional agents or services needed - Real-time log delivery to S3 - Managed by AWS with no operational overhead 2. **Operational Efficiency**: The question specifically asks for the "MOST operational efficiency." Option A requires the least amount of setup, maintenance, and ongoing management. **Why other options are less efficient:** **Option B**: Requires installing and managing CloudWatch agents, configuring log groups, and setting up log exports. This adds complexity and operational overhead. **Option C**: Requires creating custom Systems Manager documents, setting up EventBridge rules, and running daily jobs. This is the most complex solution with significant operational overhead. **Option D**: Similar to Option B but adds even more complexity with Kinesis Data Firehose and subscription filters. While this provides real-time streaming, it's over-engineered for simple archival purposes. **Key AWS Concepts:** - **AWS Systems Manager Session Manager**: Provides secure, auditable instance management without SSH keys - **S3 Logging**: Native capability to send session logs directly to S3 - **Operational Efficiency**: Minimizing management overhead while meeting requirements **Best Practice**: Always use native AWS features when available, as they are typically more reliable, secure, and operationally efficient than custom solutions.

Author: LeetQuiz Editorial Team