How can the Administrator meet this requirement?
Implement AWS KMS and integrate with the existing on-premises asymmetrical key management system
Implement AWS CloudHSM and integrate it with the existing key management infrastructure
Deploy an Amazon EC2 instance and choose an AMI from an AWS partner in the AWS Marketplace
Create a master key in AWS KMS, and export that key to the existing on-premises asymmetrical key management system
Explanations:
AWS KMS is primarily designed to manage symmetric keys and does not directly support integrating asymmetrical key management systems on-premises.
AWS CloudHSM provides a dedicated hardware security module that can integrate with on-premises asymmetric key management systems, allowing secure management of asymmetric keys.
Deploying an EC2 instance with an AMI from the AWS Marketplace does not provide direct integration with existing on-premises key management systems.
AWS KMS keys cannot be exported. Therefore, it is not possible to export a master key to an on-premises system.