A security engineer is developing a Java application hosted on Amazon EC2 that interacts with an Amazon RDS database using a username and password for authentication. What are two effective methods to safeguard these credentials and ensure minimal disruption during credential rotation?

Exam-Like

Encrypt the credentials with a database administrator's assistance and store the encrypted text in Amazon S3, granting the EC2 instance role the necessary permissions to read and decrypt the text.

0.0%

Set up a scheduled task to update the credentials in AWS Systems Manager Parameter Store and alert the engineer to restart the application.

0.0%

Enable automatic credential rotation within AWS Secrets Manager.

50.0%

Secure the credentials by storing them as an encrypted parameter in AWS Systems Manager Parameter Store, and allow the EC2 instance role access to both the parameter and the AWS KMS key used for encryption.

6.3%

Program the Java application to detect connection failures and fetch updated credentials from AWS Secrets Manager upon password rotation, with the EC2 instance role having access permissions to Secrets Manager.

43.8%

AWS Certified Security - Specialty

Get started today

Comments

A security engineer is developing a Java application hosted on Amazon EC2 that interacts with an Amazon RDS database using a username and password for authentication. What are two effective methods to safeguard these credentials and ensure minimal disruption during credential rotation?