Answer-first summary for fast verification
Answer: Update the KMS key policy and share the snapshot with the other account.
The correct answer is B. To securely share a snapshot of an encrypted database, you need to ensure that the acquiring company's AWS account has the necessary permissions to access the KMS key used for encryption. By adding the acquiring company's AWS account to the KMS key policy, the acquiring account is granted the necessary permissions to decrypt the snapshot. After modifying the KMS key policy, you can then share the snapshot with the acquiring company’s AWS account.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How should a solutions architect securely share a backup of an encrypted Amazon Aurora PostgreSQL database with another AWS account in the same region?
A
Create a snapshot, then modify and share it with the other account.
B
Update the KMS key policy and share the snapshot with the other account.
C
Change the snapshot's encryption and permissions for sharing with the other account.
D
Use Amazon S3 to manage permissions for sharing the snapshot with the other account.
No comments yet.