🔥 3-day streak
AWS Certified Developer - Associate119 / 150
Question 119 of 150

A developer must store uploaded financial documents in an Amazon S3 bucket. Compliance requires that all objects be encrypted at rest, that the encryption keys be under the company's control with a defined rotation policy, and that every use of the key to decrypt an object be recorded in an audit trail. The team wants to avoid managing any encryption libraries in the application code. Which approach meets these requirements with the least operational effort?

Reviewed for accuracy · Report an issueNext question