Explanation:
AWS Secrets Manager is specifically designed to store, manage, and rotate database credentials automatically. Amazon RDS Proxy is a highly available database proxy that makes applications more scalable and resilient to database failures by pooling and sharing established database connections. This is ideal for handling rapid increases in client connections. Read replicas (Options B and D) help with read-heavy traffic but do not manage connection spikes or write-intensive traffic efficiently compared to RDS Proxy. AWS KMS (Options A and B) manages encryption keys, not database login credentials.
Ultimate access to all questions.
No comments yet.
Question #23 \nA CloudOps engineer is designing a solution for an Amazon RDS for PostgreSQL DB instance. Database credentials must be stored and rotated monthly. The applications that connect to the DB instance send write-intensive traffic with variable client connections that sometimes increase significantly in a short period of time. \nWhich solution should a CloudOps engineer choose to meet these requirements?
A
Configure AWS Key Management Service (AWS KMS) to automatically rotate the keys for the DB instance. Use RDS Proxy to handle the increases in database connections.
B
Configure AWS Key Management Service (AWS KMS) to automatically rotate the keys for the DB instance. Use RDS read replicas to handle the increases in database connections.
C
Configure AWS Secrets Manager to automatically rotate the credentials for the DB instance. Use RDS Proxy to handle the increases in database connections.
D
Configure AWS Secrets Manager to automatically rotate the credentials for the DB instance. Use RDS read replicas to handle the increases in database connections.
E
None
F
None