Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer - Associate DVA-C02 All Questions

View all questions & answers for the AWS Certified Developer - Associate DVA-C02 exam
Go to Exam

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 326 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 326
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

A company runs a payment application on Amazon EC2 instances behind an Application Load Balance. The EC2 instances run in an Auto Scaling group across multiple Availability Zones. The application needs to retrieve application secrets during the application startup and export the secrets as environment variables. These secrets must be encrypted at rest and need to be rotated every month.

Which solution will meet these requirements with the LEAST development effort?

  • A. Save the secrets in a text file and store the text file in Amazon S3. Provision a customer managed key. Use the key for secret encryption in Amazon S3. Read the contents of the text file and read the export as environment variables. Configure S3 Object Lambda to rotate the text file every month.
  • B. Save the secrets as strings in AWS Systems Manager Parameter Store and use the default AWS Key Management Service (AWS KMS) key. Configure an Amazon EC2 user data script to retrieve the secrets during the startup and export as environment variables. Configure an AWS Lambda function to rotate the secrets in Parameter Store every month.
  • C. Save the secrets as base64 encoded environment variables in the application properties. Retrieve the secrets during the application startup. Reference the secrets in the application code. Write a script to rotate the secrets saved as environment variables.
  • D. Store the secrets in AWS Secrets Manager. Provision a new customer master key. Use the key to encrypt the secrets. Enable automatic rotation. Configure an Amazon EC2 user data script to programmatically retrieve the secrets during the startup and export as environment variables.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Americo32 at Feb. 12, 2024, 6:27 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
tgv
Highly Voted 8 months ago
rotation --> AWS Secrets Manager
upvoted 6 times
...
CrescentShared
Highly Voted 7 months, 4 weeks ago
Selected Answer: D
D is right
upvoted 6 times
...
albert_kuo
Most Recent 2 weeks, 1 day ago
Selected Answer: D
#!/bin/bash secret_value=$(aws secretsmanager get-secret-value --secret-id your-secret-id --query SecretString --output text) export SECRET_ENV_VAR=$secret_value
upvoted 1 times
...
65703c1
4 months, 3 weeks ago
Selected Answer: D
D is the correct answer.
upvoted 1 times
...
seetpt
6 months, 3 weeks ago
Selected Answer: D
D is right
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel