Your application currently uses customer keys which are generated via AWS KMS in the
US east region. You now want to use the same set of keys from the EU-Central region.
How can this be accomplished?
A . Export the key from the US east region and import them into the EU-Central region
B . Use key rotation and rotate the existing keys to the EU-Central region
C . Use the backing key from the US east region and use it in the EU-Central region
D . This is not possible since keys from KMS are region specific
Answer: D
Explanation:
Option A is invalid because keys cannot be exported and imported across regions.
Option B is invalid because key rotation cannot be used to export keys
Option C is invalid because the backing key cannot be used to export keys
This is mentioned in the AWS documentation
What geographic region are my keys stored in?
Keys are only stored and used in the region in which they are created. They cannot be transferred to another region. For example; keys created in the EU-Central (Frankfurt) region are only stored and used within the EU-Central (Frankfurt) region For more information on KMS please visit the following URL:
https://aws.amazon.com/kms/faqs/
The correct answer is: This is not possible since keys from KMS are region specific Submit your Feedback/Queries to our Experts
Leave a Reply