Enable RDS Encryption with minimal downtime after creation

I have 2 RDS instances (one mysql and one postgres) and I need to enable encryption after they were already created. The DBs are large, and I am concerned about potential downtime required to create a snapshot, restore the DB, and then complete the warming process.

I estimate it would take ~5 hours to create the snapshot (Postgres ~1.1TB) and ~24 hours for the mysql (~4.5 TB). Then there is time to restore from snapshot and warm the DBs, and then they'd need to (I'm assuming) catch up transactions that may be happening during that gap of time.

I'm thinking I would need to make sure they have a multi-AZ DB. Then create a snapshot for the DBs, encrypt the snapshot and restore to a new RDS instance. Then, could I use AWS DMS do on-going replication for the DB to catch up the transactions and then flip over to the new DB when there is an available small window for downtime?

Is there a better approach or recommendation?