AWS Certified Developer Associate DVA-C01 – Question 243

A Developer is publishing critical log data to a log group in Amazon CloudWatch Logs, which was created 2 months ago. The Developer must encrypt the log data using an AWS KMS customer master key (CMK) so future data can be encrypted to comply with the company’s security policy.
How can the Developer meet this requirement?

A. Use the CloudWatch Logs console and enable the encrypt feature on the log group
B. Use the AWS CLI create-log-group command and specify the key Amazon Resource Name (ARN)
C. Use the KMS console and associate the CMK with the log group
D. Use the AWS CLI associate-kms-key command and specify the key Amazon Resource Name (ARN)