A SysOps Administrator is using AWS KMS with AWS-generated key material to encrypt an Amazon EBS volume in a company’s AWS environment. The Administrator wants to rotate the KMS keys using automatic key rotation, and needs to ensure that the EBS volume encrypted with the current key remains readable.
What should be done to accomplish this?
A. Back up the current KMS key and enable automatic key rotation.
B. Create a new key in AWS KMS and assign the key to Amazon EBS.
C. Enable automatic key rotation of the EBS volume key in AWS KMS.
D. Upload new key material to the EBS volume key in AWS KMS to enable automatic key rotation for the volume.
What should be done to accomplish this?
A. Back up the current KMS key and enable automatic key rotation.
B. Create a new key in AWS KMS and assign the key to Amazon EBS.
C. Enable automatic key rotation of the EBS volume key in AWS KMS.
D. Upload new key material to the EBS volume key in AWS KMS to enable automatic key rotation for the volume.