SAA-C03 · Question #665
SAA-C03 Question #665: Real Exam Question with Answer & Explanation
The correct answer is C: Store the database credentials in an AWS Secrets Manager secret. Configure a 3-month rotation. AWS Secrets Manager is designed specifically for storing and automatically rotating secrets such as database credentials. For Amazon RDS, Secrets Manager provides built-in rotation integrations, so you only need to configure a 3-month rotation schedule and attach an IAM role to t
Question
A company needs to securely store credentials that an application that runs on an Amazon EC2 instance uses to access an Amazon RDS DB instance. The company must rotate the credentials every 3 months. Which solution will meet these requirements with LEAST operational overhead?
Options
- AStore the credentials in an AWS Systems Manager Parameter Store parameter. Use an AWS
- BStore the credentials in an AWS Systems Manager Parameter Store parameter. Use an AWS
- CStore the database credentials in an AWS Secrets Manager secret. Configure a 3-month rotation
- DStore the database credentials in an AWS Systems Manager Parameter Store parameter. Use an
Explanation
AWS Secrets Manager is designed specifically for storing and automatically rotating secrets such as database credentials. For Amazon RDS, Secrets Manager provides built-in rotation integrations, so you only need to configure a 3-month rotation schedule and attach an IAM role to the EC2 instance that allows it to read the secret. Secrets Manager handles updating the credentials in RDS and the stored secret, giving you secure storage and automatic rotation with the least operational effort.
Community Discussion
No community discussion yet for this question.