Answer-first summary for fast verification
Answer: Leverage AWS Systems Manager Parameter Store for secure credentials storage.
The best approach for this scenario is to use AWS Systems Manager Parameter Store to store the credentials as a secure string parameter. This service provides a centralized way to manage encrypted secrets across multiple services, making it more secure and manageable compared to environment variables, which would need to be updated individually. Parameter Store also integrates well with AWS Key Management Service (AWS KMS) for encryption. Although IAM database authentication (Option A) enhances security, it doesn't specifically address the storage of the connection string. Therefore, Option C is the most appropriate choice.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
How can a company ensure secure, single encrypted database connection strings for multiple AWS Lambda functions accessing an Amazon Aurora DB instance, in compliance with an information security policy?
A
Implement IAM database authentication for Aurora.
B
Utilize encrypted credentials from an Amazon RDS DB instance.
C
Leverage AWS Systems Manager Parameter Store for secure credentials storage.
D
Encrypt Lambda environment variables using an AWS KMS key.