SAA-C03 · Question #694
SAA-C03 Question #694: Real Exam Question with Answer & Explanation
The correct answer is B: Add the string as a SecureString parameter in AWS Systems Manager Parameter Store. Use the. Storing the sensitive string as a SecureString in AWS Systems Manager Parameter Store encrypts the value at rest using AWS Key Management Service and keeps it securely within the AWS account. Using the AWS-managed Parameters and Secrets Lambda Extension allows the Lambda function
Question
A development team at a company is creating an AWS Lambda function that must use a sensitive variable string. The company must ensure that all sensitive data is securely stored within the company's AWS account. The company must prevent users from viewing the string in plain text. Which solution will meet these requirements?
Options
- AAdd the string as a Lambda environment variable. Reference the variable in the function code.
- BAdd the string as a SecureString parameter in AWS Systems Manager Parameter Store. Use the
- CAdd the string as a parameter in the function code. Use an IAM policy to control access to the
- DAdd the string as a String parameter in AWS Systems Manager Parameter Store. Create a
Explanation
Storing the sensitive string as a SecureString in AWS Systems Manager Parameter Store encrypts the value at rest using AWS Key Management Service and keeps it securely within the AWS account. Using the AWS-managed Parameters and Secrets Lambda Extension allows the Lambda function to retrieve the value securely at runtime without exposing it in plain text in environment variables or code.
Community Discussion
No community discussion yet for this question.