Answer-first summary for fast verification
Answer: Utilize AWS Secrets Manager for storing and automatically rotating database credentials, with Lambda retrieving them.
The correct answer is A. AWS Secrets Manager is designed to manage, retrieve, and automatically rotate database credentials, making it a suitable solution for the given requirements. By turning on rotation in Secrets Manager, the credentials are automatically updated every two weeks. The Lambda function can programmatically retrieve the most recent credentials from Secrets Manager, ensuring compliance with the company's policy. Although AWS Systems Manager Parameter Store also allows for credential storage, it does not provide automatic rotation without additional configuration, making Secrets Manager the more efficient and straightforward choice.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A developer is deploying a static website on Amazon S3, integrated with an Amazon Aurora PostgreSQL database via an AWS Lambda function. The production deployment uses a Lambda alias for a specific function version. The company policy requires database credentials to be rotated bi-weekly, ensuring all Lambda functions have access to the latest credentials. What is the appropriate solution?
A
Utilize AWS Secrets Manager for storing and automatically rotating database credentials, with Lambda retrieving them.
B
Embed database credentials in the Lambda function code, updating and redeploying the function when credentials change.
C
Employ Lambda environment variables for storing credentials, updating them as needed.
D
Use AWS Systems Manager Parameter Store for credential storage and rotation, accessing them within Lambda.
No comments yet.