You need to enable encryption for an existing unencrypted RDS instance without downtime. What is the recommended approach?

hard📝 Application Q9 of 15

AWS - RDS and Relational Databases

ACreate a snapshot, copy it with encryption enabled, then restore a new encrypted instance

BEnable encryption directly on the running instance

CModify the instance to enable encryption in place

DDisable Multi-AZ and enable encryption

Step-by-Step Solution

Solution:

Step 1: Understand encryption limitations
You cannot enable encryption directly on an existing unencrypted RDS instance.
Step 2: Use snapshot copy with encryption
Copy the snapshot with encryption enabled, then restore a new encrypted instance from it.
Final Answer:
Create a snapshot, copy it with encryption enabled, then restore a new encrypted instance -> Option A
Quick Check:
Encryption requires snapshot copy and restore [OK]

Quick Trick: Encrypt by snapshot copy and restore, not in-place [OK]

Common Mistakes:

Master "RDS and Relational Databases" in AWS

9 interactive learning modes - each teaches the same concept differently

Want More Practice?

15+ quiz questions · All difficulty levels · Free

More AWS Quizzes