SAA-C03 Exam Dumps : AWS Certified Solutions Architect - Associate (SAA-C03)

Amazon S3 supports one Lifecycle configuration per bucket that can contain multiple rules. Lifecycle rules can include filters, including object size filters: ObjectSizeGreaterThan and ObjectSizeLessThan. You can combine rules so that one targets large objects and another provides a default expiration. Here, configure Rule 1 with a size filter ObjectSizeGreaterThan = 1 TB and Expiration = 2 days (48 hours) to purge very large videos early. Configure Rule 2 with Expiration = 7 days without a size filter to serve as a catch-all maximum retention for all objects. Options B and D are invalid because S3 does not allow multiple Lifecycle configurations per bucket. Option C cannot distinguish large files; it would delete all files at the same schedule without honoring the 48-hour policy for > 1 TB objects. This single configuration with two rules meets both retention targets with minimal overhead and full S3-native capability.

The correct answers are A, C, and E because the company needs a fully managed solution for SFTP uploads to Amazon S3 , followed by automatic decryption and movement of files to another directory with minimal operational overhead . AWS Transfer Family is the best fit because it provides a managed SFTP endpoint directly integrated with Amazon S3. Configuring the S3 bucket as the home directory enables customers to upload files without the company needing to manage its own file transfer servers.

The requirement to avoid separate authentication services and minimize operational work is well served by native AWS Transfer Family workflows . A workflow can automatically run post-upload steps on files as they arrive. The DECRYPT action is specifically designed to decrypt uploaded encrypted files as part of the managed workflow. After decryption, the COPY action can place the processed file into the second directory in the same S3 bucket for downstream processing.

Option B is less appropriate because using S3 events and Lambda adds custom orchestration where a native Transfer Family workflow already handles the need more simply. Option D is incorrect because polling with an external script introduces unnecessary infrastructure and operational overhead. Option F is also incorrect because AWS Batch polling and custom decryption logic is far more complex than a managed file-transfer workflow.

AWS best practices favor managed services and native workflow features to reduce custom code and infrastructure management. Therefore, the best solution is to use AWS Transfer Family for SFTP uploads , along with Transfer Family workflow DECRYPT and COPY actions to automate the full post-upload process.

For infrequent or ad hoc querying of log data, Amazon S3 + Amazon Athena provides the most cost-effective, serverless, and scalable analytics solution.

From AWS Documentation:

“Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.”

(Source: Amazon Athena User Guide)

Why A is correct:

Amazon S3 offers durable, scalable, and cost-efficient storage.

Athena allows SQL-based querying on structured or semi-structured data like logs.

No need to provision or manage infrastructure.

Ideal for occasional querying at low cost.

Why the others are not optimal:

Option B: OpenSearch adds cost and is best for frequent, low-latency log querying.

Option C: RDS is not optimized for large-scale write-heavy log ingestion and costs more.

Option D: CloudWatch Logs is suitable for real-time monitoring, not for long-term storage and analytics of large log volumes.