🔥 3-day streak
AWS Certified Security - Specialty134 / 184
Question 134 of 184

A company stores sensitive financial records in an S3 bucket in us-east-1 that is encrypted with a customer managed KMS key (CMK-A) using SSE-KMS. For disaster recovery, they configure S3 Cross-Region Replication (CRR) to a destination bucket in eu-west-1, which is encrypted with a different customer managed KMS key (CMK-B). After enabling replication, new objects fail to replicate and remain in a 'FAILED' status. What is the MOST likely cause and correct remediation?

Reviewed for accuracy · Report an issueNext question