ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer - Associate DVA-C02 All Questions

View all questions & answers for the AWS Certified Developer - Associate DVA-C02 exam
Go to Exam

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 312 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 312
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

A company hosts its application on AWS. The application runs on an Amazon Elastic Container Service (Amazon ECS) cluster that uses AWS Fargate. The cluster runs behind an Application Load Balancer. The application stores data in an Amazon Aurora database. A developer encrypts and manages database credentials inside the application.

The company wants to use a more secure credential storage method and implement periodic credential rotation.

Which solution will meet these requirements with the LEAST operational overhead?

  • A. Migrate the secret credentials to Amazon RDS parameter groups. Encrypt the parameter by using an AWS Key Management Service (AWS KMS) key. Turn on secret rotation. Use IAM policies and roles to grant AWS KMS permissions to access Amazon RDS.
  • B. Migrate the credentials to AWS Systems Manager Parameter Store. Encrypt the parameter by using an AWS Key Management Service (AWS KMS) key. Turn on secret rotation. Use IAM policies and roles to grant Amazon ECS Fargate permissions to access to AWS Secrets Manager.
  • C. Migrate the credentials to ECS Fargate environment variables. Encrypt the credentials by using an AWS Key Management Service (AWS KMS) key. Turn on secret rotation. Use IAM policies and roles to grant Amazon ECS Fargate permissions to access to AWS Secrets Manager.
  • D. Migrate the credentials to AWS Secrets Manager. Encrypt the credentials by using an AWS Key Management Service (AWS KMS) key. Turn on secret rotation. Use IAM policies and roles to grant Amazon ECS Fargate permissions to access to AWS Secrets Manager by using keys.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Americo32 at Feb. 12, 2024, 2:11 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
65703c1
11 months, 2 weeks ago
Selected Answer: D
D is the correct answer.
upvoted 2 times
...
KarBiswa
1 year, 2 months ago
Selected Answer: D
Always secrets manager for credential
upvoted 4 times
BrainFried
8 months, 3 weeks ago
Not always. Depends on cost. SSM PS is cheaper.
upvoted 1 times
...
...
nder
1 year, 2 months ago
Selected Answer: D
If it's secrets manager its for db
upvoted 3 times
...
monishvster
1 year, 2 months ago
Selected Answer: D
Secrets Manager
upvoted 3 times
...
CrescentShared
1 year, 2 months ago
Selected Answer: D
C is not correct.
upvoted 3 times
...
tgv
1 year, 2 months ago
the most secure + secrets rotation --> Secrets Manager
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago