A company wants to build a scalable key management infrastructure to support developers who need to encrypt data in their applications. What should a solutions architect do to reduce the operational burden?

• AUse multi-factor authentication (MFA) to protect the encryption keys.
• BUse AWS Key Management Service (AWS KMS) to protect the encryption keys.
• CUse AWS Certificate Manager (ACM) to create, store, and assign the encryption keys.
• DUse an IAM policy to limit the scope of users who have access permissions to protect the encryption keys.