Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 79 discussion

I think it's A. "Use AWS DataSync to migrate existing data to Amazon S3, and then use the File Gateway configuration of AWS Storage Gateway to retain access to the migrated data and for ongoing updates from your on-premises file-based applications." Need a solution to move existing data and support future records -> so, AWS DataSync should be used for migration. Need granular audit access at all levels -> so, Data Events should be used in CloudTrail, Management Events is enabled by default.

We need AWS Datasync to move the data, so that leaves A or C. Cloudtrail support s3 data events. My take is A.

both A and B are ok. the difference we need to conceder is if we want cloud trail to track data or management logs. I vote data. so A.

After reviewing both services, I find a small difference and I choose B. Because of the backup from the on-premise installations Here the links: https://aws.amazon.com/es/datasync/ - https://aws.amazon.com/es/storagegateway/

I vote A

Keys: --> retain health records with auditing access at all levels Expectation: Migrate old data and support future records with granular monitoring Distractors: B/C/D B/D are distractor as they talk about Storage gateway which is useful to simulataneously backup data in aws along with caching the data on prem C is a distractor as it talks about management event with CL which is capturing management operations that are performed on resources in AWS account like bucket creation managing IAM services, etc A is correct as DataSync is the best solution for migrating data from on-prem to aws. S3 is the right solution for storage, CL with data events which monitors object-level API activity (for example, GetObject, DeleteObject, and PutObject API operations) which is needed

Q: When do I use AWS DataSync and when do I use AWS Storage Gateway? A: Use AWS DataSync to migrate existing data to Amazon S3, and subsequently use the File Gateway configuration of AWS Storage Gateway to retain access to the migrated data and for ongoing updates from your on-premises file-based applications. You can use a combination of DataSync and File Gateway to minimize your on-premises infrastructure while seamlessly connecting on-premises applications to your cloud storage. AWS DataSync enables you to automate and accelerate online data transfers to AWS Storage services. After the initial data transfer phase using AWS DataSync, File Gateway provides your on-premises applications with low latency access to the migrated data. When using DataSync with NFS shares, POSIX metadata from your source on-premises storage is preserved, and permissions from the source storage apply when accessing your files using File Gateway.

AWS dataSync is the correct service, so B and D are out. Management events are the type of events that are enabled by default in a trail. So C is out. Answer is A

AWS Storage Gateway gives you ACCESS only but is not a service that move the data for you, while AWS DataSync gives you the ABILITY and is a service that helps to move the data for you.

A. Use AWS DataSync to move existing data to AWS. Use Amazon S3 to store existing and new data. Enable Amazon S3 object lock and enable AWS CloudTrail with data events.

Explanation: Keyword: Move existing data and support future records + Granular audit access at all levels Use AWS DataSync to migrate existing data to Amazon S3, and then use the File Gateway configuration of AWS Storage Gateway to retain access to the migrated data and for ongoing updates from your on- premises file-based applications. Need a solution to move existing data and support future records = AWS DataSync should be used for migration. Need granular audit access at all levels = Data Events should be used in CloudTrail, Management Events is enabled by default.

Should be C, right? AWS CloudTrail with management events instead of data events.

Ans = A CloudTrail data events CloudTrail data events are disabled by default. You can enable logging at an additional cost. Data events are also known as data plane operations and are often high-volume activities. Data events aren't viewable in CloudTrail event history and are charged for all copies at a reduced rate compared to management events. For instructions to log data events to an Amazon Simple Storage Service (Amazon S3) bucket, see Logging Data Events with the AWS Management Console.

Key takeaways: 1. Store data infinitely ( S3 ) 2. Auditing ( CloudTrail ) 3. Prevent modifying data once uploaded ( Object lock )

Correct answer is A as AWS Data Sync can be used to move the data from on-premises to AWS S3. Data can be stored in S3 with object lock to prevent any modifications. CloudTrail S3 Data events can be enabled to granular audit access at all levels.

MOve data from onprem Datasync for sure

data events are not enabled by default - A