You need a new S3 bucket to store objects using the write-once-read-many (WORM) model. After objects are saved in the bucket, they cannot be deleted or overwritten for a fixed amount of time. Which option would you select to achieve this requirement?

Answer options:

A.Enable the Amazon S3 object lock when creating the S3 bucket.
B.Enable versioning for the S3 bucket.
C.Modify the S3 bucket policy to only allow the read operation.
D.Enable the WORM model in the S3 Access Control List (ACL) configuration.

Correct Answer – A
Amazon S3 object lock should be enabled to store objects using the write once and read many (WORM) models. The reference can be found in https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html.
Option A is CORRECT: After the S3 object lock is enabled, you can prevent the S3 objects from being deleted or overwritten for a fixed amount of time or indefinitely.
Option B is incorrect: Because versioning does not prevent objects from being deleted or modified.
Option C is incorrect: Because the S3 bucket should still allow the write operation. Otherwise, new objects cannot be saved in the bucket.
Option D is incorrect: Because there is no such configuration in Access Control List (ACL).