Q9 — AWS SAA-C03 Ch.5
Question 9 of 65 | ← Chapter 5
Q309. A company wants to send all AWS Systems Manager Session Manager logs to an Amazon S3 bucket for archival purposes.Which solution will meet this requirement with the MOST operational efficiency?
- A. Enable S3 logging in the Systems Manager console.Choose an S3 bucket to send the session data to ✓
- B. Install the Amazon CloudWatch agent. Push all logs to a CloudWatch log group.Export the logs to an S3 bucket from the group for archival purposes
- C. Create a Systems Manager document to upload all server logs to a central S3 bucket. Use Amazon EventBridge to run the Systems Manager document against all servers that are in the account daily
- D. Install an Amazon CloudWatch agent. Push all logs to a CloudWatch log group. Create a CloudWatch logs subscription that pushes any incoming log events to an Amazon Kinesis Data Firehose delivery stream. Set Amazon S3 as the destination
Correct Answer: A. Enable S3 logging in the Systems Manager console.Choose an S3 bucket to send the session data to
Explanation
Option A: Enabling S3 logging in the Systems Manager console and choosing an S3 bucket to send session data to is the most operationally efficient solution because it is a simple and straightforward configuration. Once this is set up, all Systems Manager Session Manager logs will be automatically sent to the specified S3 bucket for archival purposes.Option B: Installing the Amazon CloudWatch agent and pushing all logs to a CloudWatch log group, then exporting the logs to an S3 bucket for archival purposes adds extra steps and complexity to the process. While CloudWatch Logs allows for centralizing logs and provides advanced search capabilities, exporting logs requires additional configuration and may incur additional costs. Option C: Creating a Systems Manager document to upload all server logs to a central S3 bucket and using Amazon EventBridge to run the Systems Manager document against all servers daily is a more complex solution that introduces additional components such as EventBridge and requires ongoing maintenance to ensure logs are being uploaded correctly.Option D: Installing an Amazon CloudWatch agent, pushing logs to a CloudWatch log group, creating a subscription to push logs to Kinesis Data Firehose, and setting S3 as the destination is also a complex solution that involves multiple components and requires ongoing maintenance.