Which solution will meet these requirements MOST cost-effectively?
Use AWS Lambda event source mapping. Set Amazon Simple Queue Service (Amazon SQS) standard queues as the event source. Use AWS Key Management Service (SSE-KMS) for encryption. Add the kms:Decrypt permission for the Lambda execution role.
Use AWS Lambda event source mapping. Use Amazon Simple Queue Service (Amazon SQS) FIFO queues as the event source. Use SQS managed encryption keys (SSE-SQS) for encryption. Add the encryption key invocation permission for the Lambda function.
Use the AWS Lambda event source mapping. Set Amazon Simple Queue Service (Amazon SQS) FIFO queues as the event source. Use AWS KMS keys (SSE-KMS). Add the kms:Decrypt permission for the Lambda execution role.
Use the AWS Lambda event source mapping. Set Amazon Simple Queue Service (Amazon SQS) standard queues as the event source. Use AWS KMS keys (SSE-KMS) for encryption. Add the encryption key invocation permission for the Lambda function.
Explanations:
Using AWS Lambda with Amazon SQS standard queues ensures at least once processing. SSE-KMS with KMS permissions provides strong encryption, meeting security and cost-effectiveness.
SQS FIFO queues are unnecessary for this use case as standard queues provide the required at-least-once processing, and SSE-KMS encryption meets encryption and cost requirements.
FIFO queues are more costly and not required for at-least-once delivery. Additionally, using SSE-KMS is secure but not the most cost-effective in combination with FIFO.
The configuration is mostly correct, but this option incorrectly refers to adding encryption key invocation permission instead of kms, making it less precise for this need.