An AWS Lambda function generates a 3MB JSON file and then uploads it to an Amazon S3 bucket daily. The file contains sensitive information, so the Developer must ensure that it is encrypted before uploading to the bucket. Which of the following modifications should the Developer make to ensure that the data is encrypted before uploading it to the bucket?
A) Use the default AWS KMS customer master key for S3 in the Lambda function code.
B) Use the S3 managed key and call the GenerateDataKey API to encrypt the file. Use the S3 managed key and call the GenerateDataKey API to encrypt the file.
C) Use the GenerateDateKey API, then use that data key to encrypt the file in the Lambda function code. Use the GenerateDateKey API, then use that data key to encrypt the file in the Lambda function code.
D) Use a custom KMS customer master key created for S3 in the Lambda function code.
Correct Answer:
Verified
Q246: A company has an application that logs
Q247: A Developer is working on a serverless
Q248: A Developer writes an AWS Lambda function
Q249: While developing an application that runs on
Q250: An application is running on a cluster
Q252: A nightly batch job loads 1 million
Q253: A company has a web application that
Q254: A Developer wants to find a list
Q255: A Developer has created a new AWS
Q256: To include objects defined by the AWS
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents