nerdexam
Amazon

DVA-C02 · Question #138

A company must deploy all its Amazon RDS DB instances by using AWS CloudFormation templates as part of AWS CodePipeline continuous integration and continuous delivery (CI/CD) automation. The primary p

The correct answer is D. Use the AWS::SecretsManager::Secret resource to generate a secure string. Store the secure. With AWS CloudFormation, you can retrieve a secret to use in another AWS CloudFormation resource. A common scenario is to first create a secret with a password generated by Secrets Manager, and then retrieve the username and password from the secret to use as credentials for http

Submitted by viktor_hu· Mar 5, 2026Deployment

Question

A company must deploy all its Amazon RDS DB instances by using AWS CloudFormation templates as part of AWS CodePipeline continuous integration and continuous delivery (CI/CD) automation. The primary password for the DB instance must be automatically generated as part of the deployment process. Which solution will meet these requirements with the LEAST development effort?

Options

  • ACreate an AWS Lambda-backed CloudFormation custom resource. Write Lambda code that
  • BUse the AWS CodeBuild action of CodePipeline to generate a secure string by using the following
  • CCreate an AWS Lambda-backed CloudFormation custom resource. Write Lambda code that
  • DUse the AWS::SecretsManager::Secret resource to generate a secure string. Store the secure

How the community answered

(32 responses)
  • A
    3% (1)
  • B
    13% (4)
  • C
    9% (3)
  • D
    75% (24)

Explanation

With AWS CloudFormation, you can retrieve a secret to use in another AWS CloudFormation resource. A common scenario is to first create a secret with a password generated by Secrets Manager, and then retrieve the username and password from the secret to use as credentials for https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-

Community Discussion

No community discussion yet for this question.

Full DVA-C02 Practice