
Explanation:
A locked retention policy (Bucket Lock) enforces WORM (Write Once Read Many) for the specified period, preventing even admins from deleting or modifying objects. Lifecycle is for deletion after time, versioning keeps old versions, IAM deny is not for this.
Ultimate access to all questions.
You must guarantee that objects in a bucket cannot be deleted or modified for 7 years, even by administrators, for regulatory compliance. What do you configure?
A
Lifecycle rule with age 2555
B
Retention policy of 7 years and lock it (Bucket Lock)
C
Object versioning
D
IAM deny policy on delete
No comments yet.