Answer-first summary for fast verification
Answer: Employ AWS Secrets Manager for RDS credentials with rotation and SecureString parameters in Systems Manager for other parameters.
The correct answer is B. AWS Secrets Manager is specifically designed to manage sensitive information such as database credentials and supports automatic rotation. Creating SecureString parameters in AWS Systems Manager Parameter Store for storing other parameter values like those for DynamoDB tables, S3 buckets, and SNS topics allows for secure, centralized management. This setup provides reusability and ease of updating without the need to modify the Lambda function code, fulfilling all the requirements with the least operational overhead.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A developer seeks a secure, encrypted method to store and manage AWS Lambda function parameters for RDS SQL Server credentials, DynamoDB table, S3 bucket, and SNS topic, with the ability to rotate credentials and update values without altering code. What is the most efficient solution with minimal operational overhead?
A
Utilize AWS Secrets Manager for RDS credentials with rotation and encrypted environment variables for other parameters.
B
Employ AWS Secrets Manager for RDS credentials with rotation and SecureString parameters in Systems Manager for other parameters.
C
Use Systems Manager for RDS credentials and encrypted environment variables, creating a Lambda for credentials rotation scheduled in EventBridge.
D
Store RDS credentials in Systems Manager, other parameters in S3, and implement a scheduled Lambda function for credentials rotation.