An ecommerce company migrates an on-premises MongoDB database to Amazon DocumentDB (with MongoDB compatibility). After the migration, a database specialist realizes that encryption at rest has not been turned on for the Amazon DocumentDB cluster.
What should the database specialist do to enable encryption at rest for the Amazon DocumentDB cluster?
A. Take a snapshot of the Amazon DocumentDB cluster. Restore the unencrypted snapshot as a new cluster while specifying the encryption option, and provide an AWS Key Management Service (AWS KMS) key.
B. Enable encryption for the Amazon DocumentDB cluster on the AWS Management Console. Reboot the cluster.
C. Modify the Amazon DocumentDB cluster by using the modify-db-cluster command with the –storage- encrypted parameter set to true.
D. Add a new encrypted instance to the Amazon DocumentDB cluster, and then delete an unencrypted instance from the cluster. Repeat until all instances are encrypted.
What should the database specialist do to enable encryption at rest for the Amazon DocumentDB cluster?
A. Take a snapshot of the Amazon DocumentDB cluster. Restore the unencrypted snapshot as a new cluster while specifying the encryption option, and provide an AWS Key Management Service (AWS KMS) key.
B. Enable encryption for the Amazon DocumentDB cluster on the AWS Management Console. Reboot the cluster.
C. Modify the Amazon DocumentDB cluster by using the modify-db-cluster command with the –storage- encrypted parameter set to true.
D. Add a new encrypted instance to the Amazon DocumentDB cluster, and then delete an unencrypted instance from the cluster. Repeat until all instances are encrypted.
