A software company needs to make sure user-uploaded documents are securely stored in Amazon S3. The documents must be encrypted at rest in Amazon S3.
The company does not want to manage the security infrastructure in-house, but the company still needs extra protection to ensure it has control over its encryption keys due to industry regulations.
Which encryption strategy should a Developer use to meet these requirements?
A. Server-side encryption with Amazon S3 managed keys (SSE-S3)
B. Server-side encryption with customer-provided encryption keys (SSE-C)
C. Server-side encryption with AWS KMS managed keys (SSE-KMS)
D. Client-side encryption
