Answer-first summary for fast verification
Answer: Apply default encryption to the current S3 bucket, identify unencrypted objects with Inventory, and encrypt them using Batch Operations.
The correct answer is B. Enabling default encryption on the existing S3 bucket and using the S3 Inventory feature is a streamlined approach to identify unencrypted objects. With the S3 Batch Operations job, you can efficiently copy and encrypt those objects without manually handling each one. This method minimizes effort and leverages AWS tools effectively to meet the requirements.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A company's serverless website utilizes an unencrypted Amazon S3 bucket as the origin for a CloudFront distribution. The solutions architect must implement encryption for existing and future S3 objects with minimal effort. What is the most efficient approach?
A
Migrate to a new S3 bucket with default encryption, then transfer objects.
B
Apply default encryption to the current S3 bucket, identify unencrypted objects with Inventory, and encrypt them using Batch Operations.
C
Use AWS KMS to create an encryption key, enable server-side encryption with KMS keys on the S3 bucket, and enable versioning.
D
Manually encrypt each unencrypted S3 object through the AWS Management Console.
No comments yet.