What should the solutions architect do next to complete the solution for automatic decryption?
Store the PGP public key in Secrets Manager. Add a nominal step in the Transfer Family managed workflow to decrypt files. Configure PGP encryption parameters in the nominal step. Associate the workflow with the Transfer Family server.
Store the PGP private key in Secrets Manager. Add an exception-handling step in the Transfer Family managed workflow to decrypt files. Configure PGP encryption parameters in the exception handler. Associate the workflow with the SFTP user.
Store the PGP private key in Secrets Manager. Add a nominal step in the Transfer Family managed workflow to decrypt files. Configure PGP decryption parameters in the nominal step. Associate the workflow with the Transfer Family server.
Store the PGP public key in Secrets Manager. Add an exception-handling step in the Transfer Family managed workflow to decrypt files. Configure PGP decryption parameters in the exception handler. Associate the workflow with the SFTP user.
Explanations:
Storing the PGP public key is not appropriate for decryption; the public key is used for encryption, not decryption.
An exception-handling step is not suitable for the primary task of decrypting files; a nominal step should be used. Also, storing the private key in Secrets Manager is correct, but it is better applied in a nominal step.
Storing the PGP private key in Secrets Manager is the correct approach for decryption. Adding a nominal step to handle the decryption directly after file receipt aligns with the workflow design for automatic processing.
Similar to option A, storing the public key is incorrect for decryption. Using an exception handler instead of a nominal step is also not appropriate for this use case.