AWS Certified Solutions Architect - Associate

Explanation

To meet the requirements of backing up on-premises VMs to Amazon S3 with 30-day retention and automatic deletion, the correct combination is:

B. Create an S3 bucket that has object versioning enabled.

• Object versioning is necessary to properly manage object lifecycle and prevent accidental deletion during the retention period.

C. Configure a default retention period of 30 days for the objects.

• This ensures that objects are protected from deletion for exactly 30 days, meeting the retention requirement.

E. Configure an S3 Lifecycle policy to expire the objects after 30 days.

• This automatically deletes the objects after the 30-day retention period, meeting the automatic deletion requirement.

Why the other options are incorrect:

A. Create an S3 bucket that has S3 Object Lock enabled.

• S3 Object Lock is for write-once-read-many (WORM) compliance scenarios, not for simple retention and deletion requirements. It's overkill for this use case.

D. Configure an S3 Lifecycle policy to protect the objects for 30 days.

• S3 Lifecycle policies don't "protect" objects; they manage transitions and expirations. The protection comes from versioning and retention settings.

F. Configure the backup solution to tag the objects with a 30-day retention period

• While object tagging can be used with lifecycle policies, it's not necessary for this solution. The default retention period configured at the bucket level is simpler and more effective.

How the solution works:

1. Object versioning keeps multiple versions of objects and prevents permanent deletion
2. Default retention period of 30 days ensures objects cannot be deleted before 30 days
3. Lifecycle expiration policy automatically deletes objects after 30 days

This combination provides both the required retention protection and automatic cleanup after the retention period ends.