Answer-first summary for fast verification
Answer: Leverage AWS Secrets Manager for credential storage with automatic rotation and EC2 role-based access.
The correct answer is C: 'Leverage AWS Secrets Manager for credential storage with automatic rotation and EC2 role-based access.' AWS Secrets Manager is designed to store confidential information such as database credentials and can automatically rotate these credentials. This service integrates seamlessly with Amazon RDS and allows for minimal operational overhead because it eliminates the need for manual updates and management. Options A and B require additional management and scripting, which increases operational overhead. Option D, while a feasible solution, involves using AWS Systems Manager Parameter Store, which does not support automatic rotation of credentials as seamlessly as AWS Secrets Manager.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
In an AWS-based two-tier web application, developers need a solution to prevent hardcoding database credentials and to automate the rotation of these credentials with minimal operational overhead. Which approach best meets these criteria?
A
Utilize instance metadata for storing credentials and employ Amazon EventBridge to trigger a Lambda function for simultaneous RDS and metadata updates.
B
Encrypt credentials in an S3 bucket, with EventBridge scheduling a Lambda function for RDS and file updates, incorporating S3 Versioning for rollback.
C
Leverage AWS Secrets Manager for credential storage with automatic rotation and EC2 role-based access.
D
Use AWS Systems Manager Parameter Store for encrypted credential storage, with automatic rotation and EC2 role-based access.
No comments yet.