AWS Certified Cloud Practitioner

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company needs to securely store important credentials that an application uses to connect users to a database. Which AWS service can meet this requirement with the MINIMAL amount of operational overhead?

Real Exam

Community

RRitesh

AWS Key Management Service (AWS KMS)

AWS Config

AWS Secrets Manager

Amazon GuardDuty

Explanation:

Explanation

AWS Secrets Manager is the correct choice because:

Purpose-built for credentials: Secrets Manager is specifically designed to store and manage sensitive information like database credentials, API keys, and other secrets
Automatic rotation: It can automatically rotate secrets according to a schedule, reducing operational overhead
Secure storage: Secrets are encrypted at rest using AWS KMS
Easy integration: Applications can retrieve secrets through API calls without storing credentials in code
Minimal operational overhead: Unlike managing credentials manually or using KMS directly, Secrets Manager handles the complexity of secret management

Why other options are incorrect:

AWS KMS: Primarily for encryption key management, not credential storage
AWS Config: For resource configuration tracking and compliance, not credential management
Amazon GuardDuty: For threat detection and security monitoring, not credential storage

Secrets Manager provides the most streamlined approach for securely storing and managing database credentials with minimal operational effort.

Powered ByGemini-3 Flash

Comments

Loading comments...