A company is migrating an application to AWS and aims to utilize fully managed services to the greatest extent possible. They require a solution for storing large, important documents that meet the following criteria: 1) high durability and availability, 2) encryption of data at rest and in transit, and 3) management and periodic rotation of the encryption keys by the company. Which solution should the solutions architect recommend?

Exam-Like

Deploy the AWS Storage Gateway in file gateway mode. Encrypt the storage gateway volumes using Amazon EBS volume encryption with an AWS KMS key.

25.0%

Utilize Amazon S3 with a bucket policy that enforces HTTPS connections to the bucket and mandates server-side encryption with AWS KMS for object encryption.

75.0%

Employ Amazon DynamoDB with SSL for connections. Encrypt DynamoDB objects at rest using an AWS KMS key.

0.0%

Deploy instances with Amazon EBS volumes to store the data. Encrypt the data using EBS volume encryption with an AWS KMS key.

0.0%

AWS Certified Solutions Architect - Professional

Get started today

Comments