Amazon Web Services (AWS) - DBS-C01 Exam: Optimal Solution for DynamoDB Data Retention Compliance


Question

An application uses DynamoDB to store data.

Compliance audit requirements state that all data must be retained for 90 days.

What is the optimal solution for these requirements?

Answers

Explanations


A. B. C. D.

Answer: B.

Option A is incorrect because DynamoDB table PITR only stores data for a maximum of 35 days.

Option B is CORRECT because S3 offers the most cost-effective long-term storage solution.

Using native integration capabilities such as DynamoDB streams and Kinesis Firehose streams is the simplest and most cost-effective solution to this requirement.

Option C is incorrect because DynamoDB does not have snapshot capability.

Option D is incorrect because DynamoDB does not have automated backup functionality. It is only possible to initiate an on-demand backup. Automating the process would require additional solution components such as Lambda functions.

Further, it is not the most cost-optimal solution as it requires the storage of additional metadata such as GSIs, LSIs, etc.

Reference:

https://aws.amazon.com/blogs/database/automatically-archive-items-to-s3-using-dynamodb-time-to-live-with-aws-lambda-and-amazon-kinesis-firehose/

The optimal solution for retaining data in DynamoDB for 90 days based on compliance audit requirements is option B - Enable DynamoDB Streams on the DynamoDB table. Create a Firehose stream to load the data into an S3 bucket. Create a Lambda function to poll the DynamoDB stream and deliver batch records from streams to Firehose.

DynamoDB is a fully managed NoSQL database service that can store and retrieve any amount of data, and provides single-digit millisecond latency for read and write operations. DynamoDB Streams is a feature that captures a time-ordered sequence of item-level modifications in a DynamoDB table. It allows applications to respond to changes in the database in near-real-time, and can be used for a variety of purposes such as replicating data, triggering Lambda functions, and populating search indexes.

Option B proposes to enable DynamoDB Streams on the table, which captures all modifications made to the table in real-time. Once the stream is enabled, a Firehose stream is created to load the data into an S3 bucket. This provides a durable storage solution for the data, ensuring that it is available for at least 90 days based on the compliance audit requirements. Firehose is a fully managed service that can load streaming data into S3, Redshift, and Elasticsearch in near-real-time, and is designed to handle large volumes of data with automatic scaling.

To deliver batch records from the DynamoDB stream to Firehose, a Lambda function is created and configured to poll the stream for new records. The Lambda function can be triggered by a CloudWatch Event, which allows it to run at a specified schedule or when specific conditions are met. Once the Lambda function receives new records from the stream, it transforms and delivers them to Firehose for loading into S3.

This solution ensures that all modifications made to the DynamoDB table are captured in real-time and stored in a durable and scalable way in S3. It also allows for the data to be transformed and delivered to other services if needed. Additionally, this solution does not impact the performance or availability of the DynamoDB table, as it uses streams to capture changes instead of backups or snapshots which can impact performance.
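
The Lambda step described above, as an added example (not code from the original page or from AWS): the handler serializes each stream record as a JSON line and resends only the entries that `PutRecordBatch` rejects, raising if any remain so that records are not silently dropped from the archive. The delivery stream name, the `DELIVERY_STREAM` environment variable and the JSON field names are assumptions; the event shape is the one Lambda passes for a DynamoDB stream.

```python
import json
import os

STREAM = os.environ.get("DELIVERY_STREAM", "ddb-archive-example")  # assumed name
MAX_BATCH = 500  # PutRecordBatch accepts at most 500 records per call


def to_firehose_record(rec):
    """Serialize one DynamoDB stream record as a newline-terminated JSON line."""
    ddb = rec["dynamodb"]
    line = {
        "eventID": rec["eventID"],
        "eventName": rec["eventName"],  # INSERT | MODIFY | REMOVE
        "keys": ddb["Keys"],
        "newImage": ddb.get("NewImage"),  # present only if the stream view type includes it
        "oldImage": ddb.get("OldImage"),  # what a MODIFY or REMOVE replaced
        "sequenceNumber": ddb.get("SequenceNumber"),
    }
    return {"Data": (json.dumps(line, sort_keys=True) + "\n").encode()}


def deliver(firehose, records, max_attempts=3):
    """Send records in batches, resending only the entries Firehose rejected."""
    sent = 0
    for i in range(0, len(records), MAX_BATCH):
        pending = records[i:i + MAX_BATCH]
        for _ in range(max_attempts):
            resp = firehose.put_record_batch(
                DeliveryStreamName=STREAM, Records=pending)
            results = resp["RequestResponses"]  # same order as the request
            failed = [r for r, res in zip(pending, results) if "ErrorCode" in res]
            sent += len(pending) - len(failed)
            pending = failed
            if not pending:
                break
        if pending:
            # Raising makes Lambda retry the stream batch instead of losing records.
            raise RuntimeError(f"{len(pending)} records not archived")
    return sent


def handler(event, context, firehose=None):
    if firehose is None:
        import boto3  # available in the Lambda Python runtime
        firehose = boto3.client("firehose")
    return deliver(firehose, [to_firehose_record(r) for r in event["Records"]])
```

Because a raised error causes the whole stream batch to be retried, the archive in S3 is at-least-once: a record can appear twice, and `eventID` is the field to deduplicate on when the data is read back for an audit.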