
Explanation:
This scenario requires strict data residency, regional processing, classification, and auditable decision trails, which Option C addresses using AWS-native governance services.
Region-specific Amazon S3 buckets enforce geographic data boundaries. Amazon S3 Object Lock ensures immutability of stored data and logs, supporting regulatory retention and non-repudiation requirements. Pre-processing data within the same Region before invoking Amazon Bedrock ensures that inference and data handling do not cross continental boundaries.
Amazon Macie provides managed, automated data classification for sensitive data types such as PII and financial records, fulfilling the classification requirement without custom tooling.
AWS CloudTrail immutable logs provide comprehensive audit trails of all API calls, model invocations, and data access events, ensuring traceability of AI decision-making processes.
Option A violates residency rules through cross-Region inference. Option B does not provide data classification. Option D introduces high operational overhead and relies on manual compliance reporting.
Therefore, Option C is the most compliant, scalable, and operationally efficient solution for regionally governed GenAI workloads.
A company is building a generative AI application that processes sensitive financial data across multiple geographic regions. The application must comply with strict data residency requirements, ensuring that data is stored and processed only within specific geographic boundaries. The solution must also provide automated data classification, immutable audit trails, and maintain compliance with regional regulations. Which architecture should the company implement?
A
Use Amazon Bedrock with cross-Region inference endpoints. Store all data in a centralized Amazon S3 bucket with server-side encryption. Use AWS CloudTrail for logging and Amazon GuardDuty for threat detection.
B
Deploy Amazon SageMaker endpoints in each required Region. Use Amazon S3 buckets with lifecycle policies for data retention. Implement custom data classification scripts using AWS Lambda.
C
Use Region-specific Amazon S3 buckets with S3 Object Lock for immutability. Process data within each Region using Amazon Bedrock with local inference endpoints. Implement Amazon Macie for automated data classification and AWS CloudTrail for immutable audit logs.
D
Create separate AWS accounts for each Region with individual compliance frameworks. Use Amazon SageMaker AI with custom monitoring. Create manual compliance reports for each regulatory jurisdiction.