An application needs to encrypt data that is written to Amazon S3 where the keys are managed in an on-premises data center, and the encryption is handled by S3.
Which type of encryption should be used?
A. Use server-side encryption with Amazon S3-managed keys
B. Use server-side encryption with AWS KMS-managed keys
C. Use client-side encryption with customer master keys
D. Use server-side encryption with customer-provided keys
