[Solved] You run this AWS CLI command:aws s3 cp report.pdf s3://example-bucket/ --sse aws:kms --sse-kms-key-id abcd1234-56ef-78gh-90ij-klmnopqrstuvWhat type of encryption will protect the uploaded object? | AWS

AWS - S3 Fundamentals

You run this AWS CLI command:
aws s3 cp report.pdf s3://example-bucket/ --sse aws:kms --sse-kms-key-id abcd1234-56ef-78gh-90ij-klmnopqrstuv
What type of encryption will protect the uploaded object?

AClient-side encryption before uploading the object

BServer-side encryption with Amazon S3-managed keys (SSE-S3)

CServer-side encryption with AWS KMS using the specified customer-managed key

DNo encryption will be applied to the object

Step-by-Step Solution

Solution:

Step 1: Analyze the CLI command
The command uses the flag --sse aws:kms which specifies server-side encryption with AWS KMS.
Step 2: Identify the key used
The --sse-kms-key-id option provides a specific KMS key ID, indicating a customer-managed key is used.
Final Answer:
Server-side encryption with AWS KMS using the specified customer-managed key -> Option C
Quick Check:
Using --sse aws:kms with a key ID means SSE-KMS with a customer key [OK]

Quick Trick: SSE-KMS with key ID means customer-managed key encryption [OK]

Common Mistakes:

Confusing SSE-KMS with SSE-S3
Assuming client-side encryption is applied
Ignoring the specified KMS key ID

Master "S3 Fundamentals" in AWS

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Time

More AWS Quizzes

You run this AWS CLI command:

Step 1: Analyze the CLI command

Step 2: Identify the key used

Final Answer:

Quick Check:

Want More Practice?