ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS-SysOps All Questions

View all questions & answers for the AWS-SysOps exam
Go to Exam

Exam AWS-SysOps topic 1 question 742 discussion

Exam question from Amazon's AWS-SysOps
Question #: 742
Topic #: 1
[All AWS-SysOps Questions]

A web application runs on Amazon EC2 instances and accesses external services. The external services require authentication credentials. The application is deployed using AWS CloudFormation to three separate environments: development, test, and production. Each environment requires unique credentials for external services.
What option securely provides the application with the needed credentials while requiring MINIMAL administrative overhead?

  • A. Pass the credentials for the target environment to the CloudFormation template as parameters. Use the user data script to insert the parameterized credentials into the EC2 instances.
  • B. Store the credentials as secure strings in AWS Systems Manager Parameter Store. Pass an environment tag as a parameter to the CloudFormation template. Use the user data script to insert the environment tag in the EC2 instances. Access the credentials from the application.
  • C. Create a separate CloudFormation template for each environment. In the Resources section, include a user data script for each EC2 instance. Use the user data script to insert the proper credentials for the environment into the EC2 instances.
  • D. Create separate Amazon Machine Images (AMIs) with the required credentials for each environment. Pass the environment tag as a parameter to the CloudFormation template. In the Mappings section of the CloudFormation template, map the environment tag to the proper AMI, then use that AMI when launching the EC2 instances.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by RyanGhavidel at April 14, 2020, 10:23 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
albert_kuo
1 year, 1 month ago
Selected Answer: B
Storing the credentials as secure strings in AWS Systems Manager Parameter Store allows for secure storage and centralized management of sensitive information. This approach helps minimize administrative overhead while providing secure access to the credentials. By passing an environment tag as a parameter to the CloudFormation template, you can specify the target environment during deployment. The user data script can then retrieve the environment tag and insert it into the EC2 instances. The application can access the credentials from the Systems Manager Parameter Store using the appropriate API calls or SDKs provided by AWS. This allows the application to securely retrieve the necessary credentials at runtime.
upvoted 1 times
...
gulu73
1 year, 6 months ago
Selected Answer: B
Correct answer is B
upvoted 1 times
...
TroyMcLure
2 years, 9 months ago
Correct Answer: B
upvoted 2 times
...
RicardoD
2 years, 9 months ago
B is the answer. to securely store the credentials one should use the SM parameter store
upvoted 1 times
...
abhishek_m_86
2 years, 9 months ago
B. Store the credentials as secure strings in AWS Systems Manager Parameter Store. Pass an environment tag as a parameter to the CloudFormation template. Use the user data script to insert the environment tag in the EC2 instances. Access the credentials from the application.
upvoted 3 times
...
jackdryan
2 years, 9 months ago
I'll go with B
upvoted 1 times
...
hurryhurry
2 years, 10 months ago
Repeated. B is the correct answer
upvoted 1 times
...
waterzhong
2 years, 10 months ago
B is correct
upvoted 1 times
...
orebaron
2 years, 10 months ago
B same as #150 question
upvoted 3 times
...
jyrajan69
2 years, 10 months ago
B. Key point being minimal supervision, A will require a lot.
upvoted 1 times
...
LuciEn
2 years, 10 months ago
B: You can reference Systems Manager parameters in your scripts, commands, SSM documents, and configuration and automation workflows by using the unique name that you specified when you created the parameter. https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter-store.html
upvoted 4 times
...
RyanGhavidel
2 years, 11 months ago
B is correct
upvoted 4 times
Bad_Mat
2 years, 11 months ago
Any link? Why not A?
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel