AWS Certified Associate SOA-C02 Full Course Free

To meet the requirements of the workload, a company should store the data in an Amazon S3 Glacier vault and configure a vault lock policy for write-once, read-many (WORM) access. This will ensure that the data is stored securely and cannot be edited in the future. The other solutions (storing the data in an Amazon Elastic Block Store (Amazon EBS) volume and configuring AWS Key Management Service (AWS KMS) encryption, storing the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) and configuring server-side encryption, or storing the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) and configuring multi-factor authentication (MFA)) will not meet the requirements, as they do not provide a way to protect the audit logs from future edits.

To identify both tagged and untagged EC2 instances across multiple AWS Regions efficiently:

• AWS Tag Editor: Tag Editor allows you to search for resources across your AWS account by tags, including both tagged and untagged resources.
• Search Setup: In the Tag Editor, select all the Regions where the company operates. Specify the resource type as AWS::EC2::Instance to focus the search on EC2 instances.
• View and Export Data: Execute the search to view all EC2 instances, along with their associated tags and instance IDs. This data can be exported for further analysis or reporting.

Using the Tag Editor is an operationally efficient way to quickly get a comprehensive view of resource tagging across multiple Regions, aiding in compliance and resource management tasks.