AWS Certified Developer - Associate
Get started today
Ultimate access to all questions.
A company's custom 10 KB Root CA Cert is used for SSL in on-premises HTTPS and AWS Lambda functions. The Root CA Cert must be updated efficiently without rebuilding Lambda functions and must be applicable across separate AWS accounts for development, testing, and production. Identify the most cost-effective solution:
A company's custom 10 KB Root CA Cert is used for SSL in on-premises HTTPS and AWS Lambda functions. The Root CA Cert must be updated efficiently without rebuilding Lambda functions and must be applicable across separate AWS accounts for development, testing, and production. Identify the most cost-effective solution:
Explanation:
The correct answers are C and E. Storing the Root CA Cert in an Amazon S3 bucket (Option C) is more cost-effective compared to using AWS Secrets Manager. Also, refactoring the Lambda code to load the Root CA Cert from its location and modifying the runtime trust store outside the Lambda function handler (Option E) ensures that the trust store is updated only once when the Lambda container is initialized. This avoids the need to rebuild or update all Lambda functions, making the solution efficient and scalable across all AWS accounts used for development, testing, and production.