You work at a company that makes use of AWS resources. One of the key security policies is to ensure that all data is encrypted in transit in AWS. Which of the following options can help you achieve the requirement for S3?

Answer options:

A.Use AWS SDKs or CLI to upload objects to S3 buckets via Secure Socket Layer/Transport Layer Security (SSL/TLS).
B.Enable client-side encryption through SSE-S3.
C.Enable server-side encryption through SSE-KMS.
D.Modify the bucket ACL to make sure that only SSL connections are allowed in the S3 bucket.

Answer –A
Option A is CORRECT because SSL/TLS should be used for the encryption in-transit for S3 buckets. AWS SDKs or CLI use SSL/TLS by default.
Option B is incorrect because SSE-S3 is a server-side encryption method instead of the client-side.
Option C is incorrect because server-side encryption does not help with the encryption in transit.
Option D is incorrect because bucket policy should be used instead of bucket ACL.
For more information on how to protect S3 data using encryption, please visit the below URL:
https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingEncryption.html