Answer-first summary for fast verification
Answer: By creating an IAM role with Parameter Store read access and assigning it to the EC2 instance.
The correct answer is A. Creating an IAM role with read access to the Parameter Store parameter and assigning it to the EC2 instance is the most secure and straightforward way to manage database credentials. The role provides the necessary permissions for the EC2 instance to read the parameters, and by encrypting the parameter with AWS KMS, data security is ensured. Options B, C, and D either lack the required security measures or are not applicable in this context.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How should a solutions architect securely manage database credentials for an Amazon RDS instance accessed by an EC2 application, using AWS Systems Manager Parameter Store?
A
By creating an IAM role with Parameter Store read access and assigning it to the EC2 instance.
B
By creating an IAM policy for Parameter Store read access and applying it to the EC2 instance.
C
By establishing an IAM trust relationship between the Parameter Store and EC2, with Amazon RDS as the principal.
D
By establishing an IAM trust relationship between the RDS instance and EC2, with Systems Manager as the principal.
No comments yet.