A company publishes application logs to an Amazon CloudWatch Logs log group in the us-east-1 Region. The company needs to export the logs from us-east-1 to the us-west-2 Region on a weekly basis. The logs must be encrypted in both Regions. Which solution will meet these requirements? A. Create an Amazon S3 bucket in us-west-2. Configure server-side encryption with Amazon S3 managed encryption keys (SSE-S3) for the S3 bucket. Create and schedule an flaws Lambda function to run weekly to export the CloudWatch logs from the last week to the S3 bucket in us-west-2. B. Create an Amazon S3 bucket in us-west-2. Configure server-side encryption with flaws KMS keys (SSE-KMS) for the S3 bucket. Create and schedule an flaws Lambda function to run weekly to export the CloudWatch logs from the last week to the S3 bucket in us-west-2. C. Create an Amazon S3 bucket in us-east-1. Create an S3 bucket in us-west-2. Configure server-side encryption with Amazon S3 managed encryption keys (SSE-S3) and turn on versioning for both S3 buckets. Create and schedule an flaws Lambda function to run weekly to export the CloudWatch logs from the last week to the S3 bucket in us-east-1. Configure a replication rule on the S3 bucket in us-east-1 to replicate the logs to the S3 bucket in us-west-2. D. Create an Amazon S3 bucket in us-east-1. Create an S3 bucket in us-west-2. Configure server-side encryption with flaws KMS keys (SSE-KMS) and turn on versioning for both S3 buckets. Create and schedule an flaws Lambda function to run weekly to export the CloudWatch logs from the last week to the S3 bucket in us-east-1. Configure a replication rule on the S3 bucket in us-east-1 to replicate the logs to the S3 bucket in us-west-2. Â Correct Answer: B This question is in DOP-C01 exam For getting AWS DevOps Engineer - Professional Certificate
Please login or Register to submit your answer
