
A company operates a payment application on EC2 instances with an Application Load Balancer, using an Auto Scaling group spanning multiple AZs. The application requires encrypted secrets at rest, fetched as environment variables during startup, and rotated monthly. Identify the solution with minimal development effort.
A. Encrypt secrets in a text file stored in S3, using a customer-managed key. Read and export file contents as environment variables. Automate monthly rotation with S3 Object Lambda.
B. Utilize AWS Systems Manager Parameter Store with the default KMS key for secret strings. Use EC2 user data scripts for startup retrieval and environment variable export. Set up a Lambda function for monthly secret rotation.
C. Encode secrets in base64 and store as environment variables in app properties. Reference and rotate secrets in the application code.
D. Use AWS Secrets Manager with a customer master key for encryption and automatic rotation. Retrieve secrets with EC2 user data scripts and export as environment variables.