DVA-C02 · Question #737
DVA-C02 Question #737: Real Exam Question with Answer & Explanation
The correct answer is B: The AWS KMS API calls limit is less than needed to achieve the desired performance.. When using SSE-KMS with Amazon S3, each PUT operation requires an AWS KMS Encrypt API call. If an application uploads tens of thousands of objects per second, it can exceed the KMS request rate limits, leading to throttling and increased latency. This is the most likely cause of
Question
A developer has an application that can upload tens of thousands of objects per second to Amazon S3 in parallel within a single AWS account. As part of new requirements, data stored in S3 must use server-side encryption with AWS KMS keys (SSE-KMS). After creating this change, performance of the application is slower. Which of the following is MOST likely the cause of the application latency?
Options
- AAmazon S3 throttles the rate at which uploaded objects can be encrypted using KMS keys.
- BThe AWS KMS API calls limit is less than needed to achieve the desired performance.
- CThe client encryption of the objects is using a poor algorithm.
- DKMS requires that an alias be used to create an independent display name that can be mapped
Explanation
When using SSE-KMS with Amazon S3, each PUT operation requires an AWS KMS Encrypt API call. If an application uploads tens of thousands of objects per second, it can exceed the KMS request rate limits, leading to throttling and increased latency. This is the most likely cause of the performance degradation.
Community Discussion
No community discussion yet for this question.