The Organisation runs several applications in different VPCs across a single AWS Region. For compliance and security reasons, all outbound internet traffic from these VPCs must pass through a centralised set of security appliances before reaching the internet. This setup needs to be highly available and scalable.

A Developer develops a new mobile application that allows users to upload photos, process them and then store the processed images. The app is expected to have highly variable usage, from very low to very high during viral events. Wants a fully serverless backend to minimise operational overhead and scale automatically.

Your organization needs to archive financial transaction logs and immutable customer records for 7 years to meet regulatory compliance. These data sets are rarely accessed after the first 90 days but must be protected against accidental deletion or modification. Retrieval times for audit purposes can be several hours.

How would you monitor the performance of your S3 data access and identify further optimisation opportunities?

For log data, when would you move logs from CloudWatch Logs to S3, and what S3 storage class would you use for long-term archival?