A company must implement a data retention policy for regulatory compliance. Sensitive documents stored in an Amazon S3 bucket must be protected from deletion or modification for a fixed period. Which solution meets these requirements?
Choose an answer
Tap an option to check your answer.
Correct answer: Activate S3 Object Lock on the required objects and enable compliance mode..
Why this is the answer
Activating S3 Object Lock in compliance mode prevents an object from being overwritten or deleted by any user, including the root user, until the retention period expires. This immutability is essential for regulatory compliance where data must be protected for a fixed period. Governance mode allows some authorized users to override or delete objects, which doesn't meet the strict protection requirement. Enabling versioning alone doesn't prevent deletion or modification; it only keeps previous versions. A lifecycle policy to delete objects after a period contradicts the requirement to protect them from deletion or modification during that period. Transitioning to S3 Glacier Flexible Retrieval is for cost optimization and doesn't inherently provide immutability against deletion or modification.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed