ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 409 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 409
Topic #: 1
[All AWS Certified Developer Associate Questions]

A developer manages an Amazon RDS for PostgreSQL database. An Amazon Elastic Container Service (Amazon ECS) container that uses AWS Fargate needs to modify the contents of the database during a nightly run.

Which combination of steps should the developer take to provide database access to the container in the MOST secure manner? (Choose two.)

  • A. Define a database secret in AWS Secrets Manager. Provide the credentials to the container by using the task definition.
  • B. Define a password in AWS CloudFormation. Pass the password into the environment variables of the container.
  • C. Enable IAM authentication for the database. Grant the appropriate permissions to the container.
  • D. Use an Amazon Cognito identity pool to authenticate the container. Use the provided response token to connect to the database.
  • E. Define an AWS Key Management Service (AWS KMS) key that encrypts the contents of the database. Grant permission to decrypt to the container.
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️
by KT_Yu at Jan. 20, 2023, 9:18 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AWSdeveloper08
2 years, 1 month ago
Selected Answer: AC
Vote - AC makes sense since the question is only asked for secure access to database
upvoted 1 times
...
Smartiup
2 years, 6 months ago
Selected Answer: AC
The question asks for acess to the database so AC makes sense. E is not related to database access, you may not decrypt the content but still access the db.
upvoted 1 times
...
pengpeng
2 years, 6 months ago
CE. The question is askingg combination of steps. A and C are exclusive, C is more secure. B & D is wrong, so C E.
upvoted 1 times
...
tieyua
2 years, 6 months ago
Selected Answer: CE
Dare I make a wild guess of C/E here? C is given, B/D are obviously wrong. But when using IAM db authentication, there's nothing worthy of secrets manager. You have to get an authentication token lasting only 15 minutes, can't save it to task definition. aws rds generate-db-auth-token --hostname --username That leave us only E. It doesn't make much sense but it's the only thing remotely sounding like Make Postgre Great Again ... Hope some you guys still hanging around to discuss.
upvoted 2 times
...
JagpreetLM10
2 years, 7 months ago
Selected Answer: AC
A and C looks secure
upvoted 1 times
...
Phinx
2 years, 7 months ago
Selected Answer: AC
A and C makes the most sense.
upvoted 1 times
...
KT_Yu
2 years, 7 months ago
Selected Answer: AC
A and C I choose
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel