In an AWS environment, a company needs to automate the deployment of Amazon RDS DB instances using CloudFormation templates within a CI/CD pipeline. The requirement is to generate the primary DB instance password automatically during deployment. What is the most development-efficient approach to achieve this?

Exam-Like

Implement a CloudFormation custom resource backed by an AWS Lambda function to generate a secure password string, then retrieve and apply this string using CloudFormation's Fn::GetAtt function for DB instance creation.

0.0%

Utilize the AWS CodeBuild step in CodePipeline to execute the AWS CLI command 'aws secretsmanager get-random-password' to generate a secure password string, which is then passed as a CloudFormation parameter with NoEcho attribute for use in DB instance creation.

0.0%

Develop a Lambda function for CloudFormation to create a secure password string, store it as a data field in the custom resource response, and use Fn::GetAtt to access it. Subsequently, create and reference this secret in AWS Secrets Manager for DB instance setup.

0.0%

Leverage the AWS::SecretsManager::Secret CloudFormation resource to auto-generate a secure password, store it in AWS Secrets Manager, and dynamically reference this secret for the DB instance password during creation.

100.0%

AWS Certified Developer - Associate

Get started today

Comments