AWS Certified Solutions Architect - Associate / Question #906 of 1019

Question #906

A company runs a self-managed Microsoft SQL Server on Amazon EC2 instances and Amazon Elastic Block Store (Amazon EBS). Daily snapshots are taken of the EBS volumes.

Recently, all the company’s EBS snapshots were accidentally deleted while running a snapshot cleaning script that deletes all expired EBS snapshots. A solutions architect needs to update the architecture to prevent data loss without retaining EBS snapshots indefinitely.

Which solution will meet these requirements with the LEAST development effort?

A

Change the IAM policy of the user to deny EBS snapshot deletion.

B

Copy the EBS snapshots to another AWS Region after completing the snapshots daily.

C

Create a 7-day EBS snapshot retention rule in Recycle Bin and apply the rule for all snapshots.

D

Copy EBS snapshots to Amazon S3 Standard-Infrequent Access (S3 Standard-IA).

Explanation

Option C is the correct answer because a 7-day EBS snapshot retention rule in Recycle Bin manages deleted snapshots automatically, without complex setup or programming. With the rule in place, a deleted snapshot can be recovered for 7 days after its deletion, which provides a safety net against accidental deletion and meets the requirement to prevent data loss.

Option A, changing the IAM policy of the user to deny EBS snapshot deletion, is overly restrictive and could hinder necessary operations. It provides no way to recover snapshots: it addresses only the permission to delete, not the accidental removal scenario.

Option B, copying EBS snapshots to another AWS Region, would increase complexity and is more labor-intensive than necessary when a simpler retention rule can handle the scenario.

Option D, copying EBS snapshots to Amazon S3 Standard-Infrequent Access (S3 Standard-IA), is incorrect because it does not directly address preventing data loss from EBS snapshots; it involves a different storage mechanism. While snapshots can be stored in S3 after conversion, this process does not inherently protect against accidental deletion, nor is it the solution with the least development effort.

In summary, Option C provides an automated way to handle snapshot retention with minimal development effort, whereas the other options either complicate the process, introduce more restrictions, or do not adequately solve the issue of accidental data loss.

Key Points to Remember:
- Utilize AWS features like the Recycle Bin for easier management of EBS snapshots.
- Understand the implications of IAM policies and their role in operational flexibility.
- Choose solutions that balance security with operational efficiency to prevent data loss without unnecessary complexity.

Answer

The correct answer is: A