A developer needs to encrypt log data in an existing Amazon CloudWatch Logs log group using AWS KMS to meet security policies. What is the least effort solution to enable encryption for future data?

Exam-Like

Explanation:

The correct answer is D. To encrypt the log data in an existing Amazon CloudWatch Logs log group with the least effort, you should use the AWS CLI command 'aws logs associate-kms-key' and specify the key Amazon Resource Name (ARN). This command allows you to associate a KMS key with an existing log group, enabling encryption for future log data without having to recreate the log group or manually encrypt and decrypt the data.

Powered ByGPT-5

AWS Certified Developer - Associate

Get started today

AWS Certified Developer - Associate

Get started today

A developer needs to encrypt log data in an existing Amazon CloudWatch Logs log group using AWS KMS to meet security policies. What is the least effort solution to enable encryption for future data?