A security engineer must use AWS Key Management Service (AWS KMS) to design a key management solution for a set of Amazon Elastic Block Store (AmazonEBS) volumes that contain sensitive data.The solution needs to ensure that the key material automatically expires in 90 days.
Which solution meets these criteria?
A customer managed CMK that uses customer provided key material
A customer managed CMK that uses AWS provided key material
An AWS managed CMK
Operation system-native encryption that uses GnuPG