Answer-first summary for fast verification
Answer: Launch the EC2 instances with an EC2 IAM role to access AWS services. Retrieve the database credentials from AWS Secrets Manager.
The most secure and flexible way to obtain password credentials during deployment is to use AWS Secrets Manager along with IAM roles. Option B suggests launching the EC2 instances with an EC2 IAM role to access AWS services and retrieving the database credentials from AWS Secrets Manager. This approach ensures that the credentials are managed securely, and roles can be assigned with the necessary permissions to access services, eliminating the need for hardcoding credentials or using less secure methods.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
In a scenario where a large enterprise is deploying a web application on AWS, utilizing Amazon EC2 instances managed by an Application Load Balancer and an Auto Scaling group across multiple Availability Zones, with data stored in an Amazon RDS for Oracle DB instance and Amazon DynamoDB, and with distinct environments for development, testing, and production, what is the most secure and flexible method for acquiring password credentials during the deployment process?
A
Retrieve an access key from an AWS Systems Manager SecureString parameter to access AWS services. Retrieve the database credentials from a Systems Manager SecureString parameter.
B
Launch the EC2 instances with an EC2 IAM role to access AWS services. Retrieve the database credentials from AWS Secrets Manager.
C
Retrieve an access key from an AWS Systems Manager plaintext parameter to access AWS services. Retrieve the database credentials from a Systems Manager SecureString parameter.
D
Launch the EC2 instances with an EC2 IAM role to access AWS services. Store the database passwords in an encrypted config file with the application artifacts.
No comments yet.