Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 10 discussion

Correct answer is A.

The application has credentials and URL, so it’s convenient to store them in ssm parameter store restive them.

keyword: FEWEST application changes ==> A: This minimizes code changes as the retrieval method remains consistent across environments; only the Parameter Store paths need updating. Secrets Manager securely stores sensitive credentials.

AWS Systems Manager Parameter Store is a service that allows you to securely store configuration data such as API URLs, credentials, and other variables. By updating the application to retrieve the variables from Parameter Store, you can separate the configuration from the application code, making it easier to manage and update the variables without modifying the application itself. Storing the credentials in AWS Secrets Manager provides an additional layer of security for sensitive information.

Answer is A AWS Systems Manager Parameter Store and AWS Secrets Manager are designed for securely storing and managing sensitive information such as credentials, API URLs, and configuration variables. Using AWS Systems Manager Parameter Store allows the developer to centrally manage configuration variables across different environments (development, testing, production) without requiring application code changes. Each variable can have a unique path in Parameter Store, ensuring separation and organization.

Correct Answer is A Option B, using AWS Key Management Service (AWS KMS), is not ideal for this scenario primarily because AWS KMS is designed for creating and controlling encryption keys, not for storing configuration data or credentials. KMS keys are used to encrypt and decrypt data, rather than directly storing or managing it. For securely managing and retrieving application configuration data and sensitive information like API credentials, Systems Manager Parameter Store and AWS Secrets Manager are more appropriate, offering direct support for these use cases with better integration for applications.

A is the correct answer.

SSM parameter store with proper posh is the answer.

You put the different variables for each environment, is the best solution because it's isolated between environment

i think corrent is A, but why is B ?

I think the wording of option A has a typo first it mentioned " Update the application to retrieve the variables from AWS Systems Manager Parameter Store" then it says "Store the credentials in AWS Secrets Manager in each environment."

A is correct

Option A is correct. The AWS Systems Manager Paramter Store's primary purpose is to secure sensitive information such as API URLs, credentials and the variables that we store in it.

his solution allows the developer to securely store and retrieve different types of variables, including authentication information for a remote API, the URL for the API, and credentials.

Definitely A

it should be a, kms is used for encryption: https://aws.amazon.com/kms/

It should be option A