AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company needs to securely store important credentials that an application uses to connect users to a database. Which AWS service can meet this requirement with the MINIMAL amount of operational overhead?
Real Exam
Community
RRitesh
A
AWS Key Management Service (AWS KMS)
B
AWS Config
C
AWS Secrets Manager
D
Amazon GuardDuty
Explanation:
Explanation
AWS Secrets Manager is the correct choice because:
-
Purpose-built for credentials: Secrets Manager is specifically designed to store and manage sensitive information like database credentials, API keys, and other secrets
-
Automatic rotation: It can automatically rotate secrets according to a schedule, reducing operational overhead
-
Secure storage: Secrets are encrypted at rest using AWS KMS
-
Easy integration: Applications can retrieve secrets through API calls without storing credentials in code
-
Minimal operational overhead: Unlike managing credentials manually or using KMS directly, Secrets Manager handles the complexity of secret management
Why other options are incorrect:
-
AWS KMS: Primarily for encryption key management, not credential storage
-
AWS Config: For resource configuration tracking and compliance, not credential management
-
Amazon GuardDuty: For threat detection and security monitoring, not credential storage
Secrets Manager provides the most streamlined approach for securely storing and managing database credentials with minimal operational effort.
Comments
Loading comments...