AWS Certified Developer - Associate

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Associate a KMS key with the existing log group using the AWS CLI.

The correct answer is D. To encrypt the log data in an existing Amazon CloudWatch Logs log group with the least effort, you should use the AWS CLI command 'aws logs associate-kms-key' and specify the key Amazon Resource Name (ARN). This command allows you to associate a KMS key with an existing log group, enabling encryption for future log data without having to recreate the log group or manually encrypt and decrypt the data.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: Associate a KMS key with the existing log group using the AWS CLI.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

A developer needs to encrypt log data in an existing Amazon CloudWatch Logs log group using AWS KMS to meet security policies. What is the least effort solution to enable encryption for future data?

Exam-Like

Implement AWS Encryption SDK for pre-logging data encryption and decryption.

0.0%

Associate a KMS key with the log group using the AWS KMS console.

50.0%

Specify a KMS key ARN when creating a log group with the AWS CLI.

Associate a KMS key with the existing log group using the AWS CLI.

50.0%