AWS SAA-C03 #157

A company stores data in an Amazon Aurora PostgreSQL DB cluster. The company must store all the data for 5 years and must delete all the data after 5 years. The company also must indefinitely keep audit logs of actions that are performed within the database. Currently, the company has automated backups configured for Aurora.

Which combination of steps should a solutions architect take to meet these requirements? (Choose two.)

A. Take a manual snapshot of the DB cluster.

B. Create a lifecycle policy for the automated backups.

C. Configure automated backup retention for 5 years.

D. Configure an Amazon CloudWatch Logs export for the DB cluster.

E. Use AWS Backup to take the backups and to keep the backups for 5 years.


I apologize for the confusion. Let's break down the requirements and the steps needed to meet them:

  1. Data Retention for 5 Years: The company needs to store all data for 5 years and delete all data after 5 years. This can be achieved by configuring automated backup retention for 5 years in Amazon Aurora PostgreSQL DB cluster¹. However, Amazon Aurora does not support automated backup retention for more than 35 days⁴. Therefore, you might need to consider other backup solutions such as AWS Backup or manual snapshots.

  2. Indefinite Audit Logs: The company needs to keep audit logs of actions performed within the database indefinitely. This can be achieved by using the PostgreSQL Audit extension (pgAudit) which is supported by Aurora PostgreSQL¹. You can also export the DB cluster logs to Amazon CloudWatch Logs¹ for indefinite storage and easy access².

Given these considerations, the correct steps would be:

E. Use AWS Backup to take the backups and to keep the backups for 5 years.

AWS Backup allows you to centralize and automate data protection across AWS services. You can create backup policies known as backup plans, which define when and how you want to back up your AWS resources such as your Amazon Aurora PostgreSQL DB cluster⁴.

D. Configure an Amazon CloudWatch Logs export for the DB cluster.

Exporting the DB cluster logs to Amazon CloudWatch Logs would allow the company to store and access log files indefinitely¹. This would help in keeping an audit trail of all actions performed within the database².

Please note that while option A (taking a manual snapshot of the DB cluster) could potentially be used as part of a backup strategy, it would not provide an automated solution for the 5-year retention requirement. Option B (creating a lifecycle policy for automated backups) is not applicable as Amazon Aurora does not support lifecycle policies for automated backups⁴.

相关推荐
AKAMAI9 小时前
利用DataStream和TrafficPeak实现大数据可观察性
人工智能·云原生·云计算
Johny_Zhao10 小时前
CentOS Stream 9上部署FTP应用服务的两种方法(传统安装和docker-compose)
linux·网络安全·信息安全·kubernetes·云计算·containerd·ftp·yum源·系统运维
MetaverseMan10 小时前
GitHub Actions打包容器,推送 AWS ECR 并使 EKS 自动拉取以完成发版部署
云计算·aws
可观测性用观测云12 小时前
AWS MemoryDB 可观测最佳实践
aws
运维成长记17 小时前
关于linux运维 出现高频的模块认知
运维·职场和发展·云计算
德育处主任Pro20 小时前
解放生产力:Amazon API Gateway 与 Amazon Lambda 的优雅组合
gateway·aws·亚马逊
奋进的孤狼1 天前
【Spring AI】阿里云DashScope灵积模型
人工智能·spring·阿里云·ai·云计算
Hermann1 天前
云原生系统健壮性浅谈
架构·云计算
数据与人工智能律师1 天前
数字迷雾中的安全锚点:解码匿名化与假名化的法律边界与商业价值
大数据·网络·人工智能·云计算·区块链
在云上(oncloudai)1 天前
AWS CAF:企业云转型的战略指南
aws