Q72 — AWS SAA-C03 Ch.4

Question 72 of 105 | ← Chapter 4

Q267. A company needs to create an Amazon Elastic Kubernetes Service (Amazon EKS) cluster to host a digital media streaming application.The EKS cluster will use a managed node group that is backed by Amazon Elastic Block Store (Amazon EBS) volumes for storage. The company must encrypt all data at rest by using a customer managed key that is stored in AWS Key Management Service (AWS KMS);Which combination of actions will meet this requirement with the LEAST operational overhead?(Select TWO.)

Correct Answer: B. After creation of the EKS cluster, locate the EBS volumes.Enable encryption by using the customer managed key, D. Create the EKS cluster. Create an IAM role that has a policy that grants permission to the customer managed key. Associate the role with the EKS cluster

Explanation

After creation of the EKS cluster, locate the EBS volumes.Enable encryption by using the customer managed key.Create the EKS cluster. Create an IAM role that has a policy that grants permission to the customer managed key. Associate the role with the EKS cluster.