How should a solutions architect securely share an EBS-backed, KMS-encrypted Amazon Machine Image (AMI) with an AWS Managed Service Provider (MSP) Partner's AWS account during an application migration initiative?

Exam-Like

By making the AMI and snapshots public and updating the key policy for the MSP Partner's access.

0.0%

By adjusting the AMI's launch permissions and key policy to allow only the MSP Partner's AWS account to use the image and key.

50.0%

By changing launch permissions and key policy to trust a new KMS key owned by the MSP Partner for encryption.

33.3%

By exporting the AMI to an S3 bucket in the MSP Partner's account, encrypting it with a new key owned by the MSP Partner, and then copying and launching it there.

16.7%

AWS Certified Solutions Architect - Associate

Get started today

Comments

How should a solutions architect securely share an EBS-backed, KMS-encrypted Amazon Machine Image (AMI) with an AWS Managed Service Provider (MSP) Partner's AWS account during an application migration initiative?