Amazon Web Services Data-Engineer-Associate Exam With Confidence Using Practice Dumps

Option C is correct because the company only needs to keep the original files for 90 days and then delete them. AWS states that S3 Lifecycle can be used to delete expired objects automatically, which directly matches this requirement. There is no need to transition the objects to another storage class because the files are not needed beyond day 90. Adding a transition step would add complexity and, in this case, would not improve cost-effectiveness.

Option A is not optimal because S3 Glacier Flexible Retrieval has a 90-day minimum storage duration and is intended for longer-term archival. Transitioning objects right before deleting them is unnecessary overhead and can add minimum-duration charges. Option B is incorrect because Object Lock is for retention and write-once-read-many protection, not for normal temporary retention with lowest cost. Option D is also less cost-effective because S3 Intelligent-Tiering is useful when access patterns are uncertain, but here the retention period and deletion timing are already known. The simplest and cheapest solution is to keep the originals in S3 Standard for the required 90 days and then expire them with Lifecycle.

Amazon S3 Intelligent-Tiering is designed to optimize storage costs by automatically moving objects between access tiers based on access patterns. Since Apache Iceberg works with S3 storage, using Intelligent-Tiering provides cost-efficiency without the need for custom development or jobs.

Option B improves performance but doesn ' t optimize cost automatically.

Option C is not a real AWS Glue feature – Glue does not automatically optimize Iceberg storage.

Option D requires custom development effort, which is contrary to the requirement.

“S3 Intelligent-Tiering is ideal for data lakes and analytics use cases that access data irregularly.”

AWS Lake Formation is a service that helps you build, secure, and manage data lakes on Amazon S3. You can use AWS Lake Formation to register the S3 path as a data lake location, and enable fine-grained access control to limit access to the records based on the HR department’s Region. You can use data filters to specify which S3 prefixes or partitions each HR department can access, and grant permissions to the IAM roles of the HR departments accordingly. This solution will meet the requirement with the least operational overhead, as it simplifies the data lake management and security, and leverages the existing IAM roles of the HR departments12.

The other options are not optimal for the following reasons:

A. Use data filters for each Region to register the S3 paths as data locations. This option is not possible, as data filters are not used to register S3 paths as data locations, but to grant permissions to access specific S3 prefixes or partitions within a data location. Moreover, this option does not specify how to limit access to the records based on the HR department’s Region.

C. Modify the IAM roles of the HR departments to add a data filter for each department’s Region. This option is not possible, as data filters are not added to IAM roles, but to permissions granted by AWS Lake Formation. Moreover, this option does not specify how to register the S3 path as a data lake location, or how to enable fine-grained access control in AWS Lake Formation.

E. Create a separate S3 bucket for each Region. Configure an IAM policy to allow S3 access. Restrict access based on Region. This option is not recommended, as it would require more operational overhead to create and manage multiple S3 buckets, and to configure and maintain IAM policies for each HR department. Moreover, this option does not leverage the benefits of AWS Lake Formation, such as data cataloging, data transformation, and data governance.

1: AWS Lake Formation

2: AWS Lake Formation Permissions

AWS Identity and Access Management

Amazon S3