AWS Certified Solutions Architect - Associate
Get started today
Ultimate access to all questions.
A hospital is developing a symptom data collection application using Amazon SQS and SNS. The solutions architect must ensure data is encrypted in transit and at rest, and access is restricted to authorized personnel. What steps should be taken to meet these requirements?
A hospital is developing a symptom data collection application using Amazon SQS and SNS. The solutions architect must ensure data is encrypted in transit and at rest, and access is restricted to authorized personnel. What steps should be taken to meet these requirements?
Explanation:
The correct answers are C and D because they collectively meet the requirements of encrypting data at rest and in transit, and ensuring access control for authorized personnel only. Option C involves encrypting the SNS components, updating key policies for access control, and enforcing encrypted connections using TLS which secures the data in transit and at rest. Option D includes applying server-side encryption for SQS using an AWS KMS customer-managed key and setting key policies for access control, in addition to enforcing encrypted connections for SQS through queue policies, meeting the same criteria.