Your company's development team has deployed an application using Docker containers on their on-premises environment.
The application environment needs to be extended onto AWS without any need to manage the underlying infrastructure.
Which of the following is the ideal service you would use to provision the environment for them?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: B.
The AWS Documentation mentions the following.
AWS Storage Gateway uses AWS Key Management Service (AWS KMS) to support encryption.
Storage Gateway is integrated with AWS KMS.
So, you can use the customer master keys (CMKs) in your account to protect the data that Storage Gateway receives, stores, or manages.
Currently, you can do this by using the AWS Storage Gateway API.
All other options are invalid since the right way to encrypt the data is via using KMS keys.
As per AWS docs, Storage Gateway supports AWS KMS to encrypt data stored in AWS by all gateway types.
This includes virtual tapes managed by Tape Gateway, in-cloud volumes and EBS Snapshots created by Volume Gateway, and files stored as objects in Amazon Simple Storage Service (S3) by File Gateway.
If AWS KMS is not used, all data stored in AWS by the Storage Gateway service is encrypted with Amazon S3-Managed Encryption Keys (SSE-S3) by default.
Hence option B is the correct choice.
For more information on storage gateway encryption, please refer to the below URL-
https://docs.aws.amazon.com/storagegateway/latest/userguide/encryption.htmlThe ideal service to provision the application environment for the development team, without managing the underlying infrastructure, is AWS Elastic Beanstalk.
AWS Elastic Beanstalk is a fully managed service that allows developers to easily deploy and manage applications in multiple programming languages such as Java, .NET, Node.js, Python, Ruby, Go, and Docker. Elastic Beanstalk can automatically provision the necessary resources, such as Amazon EC2 instances, load balancers, auto-scaling groups, and storage, to run and scale the application.
In this case, since the application is already using Docker containers on-premises, Elastic Beanstalk's Docker platform can be used to run the application on AWS. The developer only needs to provide the Docker image and Elastic Beanstalk takes care of the rest, including deploying the application, configuring the necessary infrastructure, and scaling it as needed.
The other options listed are not the ideal choices for this scenario. Amazon EC2 provides a scalable compute capacity in the cloud but requires manual configuration and management of the infrastructure, which goes against the requirement of not managing the underlying infrastructure. AWS CloudFormation is a service that allows developers to create and manage AWS resources using code but still requires manual management and configuration of the resources. AWS OpsWorks is a configuration management service that automates server configuration and deployment, but it is not designed for deploying Docker containers.