ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer - Associate DVA-C02 All Questions

View all questions & answers for the AWS Certified Developer - Associate DVA-C02 exam
Go to Exam

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 386 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 386
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

A company uses an AWS Lambda function to transfer files from an Amazon S3 bucket to the company's SFTP server. The Lambda function connects to the SFTP server by using credentials such as username and password. The company uses Lambda environment variables to store these credentials.

A developer needs to implement encrypted username and password credentials.

Which solution will meet these requirements?

  • A. Remove the user credentials from the Lambda environment. Implement IAM database authentication.
  • B. Move the user credentials from Lambda environment variables to AWS Systems Manager Parameter Store.
  • C. Move the user credentials from Lambda environment variables to AWS Key Management Service (AWS KMS).
  • D. Move the user credentials from the Lambda environment to an encrypted .txt file. Store the file in an S3 bucket.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by rdiaz at July 12, 2024, 6:08 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
examuserss
3 months, 3 weeks ago
Selected Answer: B
The best solution is B. Move the user credentials from Lambda environment variables to AWS Systems Manager Parameter Store. Here's why: Parameter Store is designed for securely storing sensitive information. It allows you to encrypt parameters (like usernames and passwords) using AWS KMS, offering strong encryption at rest and in transit. Parameter Store also provides fine-grained access control, ensuring only authorized entities can retrieve the credentials.
upvoted 1 times
...
xdeveloper
3 months, 3 weeks ago
Selected Answer: B
AWS Key Management Service (KMS) is used for managing encryption keys but is not intended to directly store sensitive data like credentials. You would use KMS for encrypting data, and you would still need a service like Parameter Store to store and retrieve the encrypted credential
upvoted 1 times
...
preachr
6 months, 3 weeks ago
Selected Answer: B
We can use two SecureString parameters—one for the SFTP username and one for the SFTP password.
upvoted 1 times
...
albert_kuo
6 months, 3 weeks ago
Selected Answer: B
import boto3 import os ssm = boto3.client('ssm') def lambda_handler(event, context): username = ssm.get_parameter(Name='SFTPUsername', WithDecryption=True)['Parameter']['Value'] password = ssm.get_parameter(Name='SFTPPassword', WithDecryption=True)['Parameter']['Value']
upvoted 1 times
...
28304e5
7 months, 2 weeks ago
Selected Answer: D
D is only answer that clearly encrypts the credentials.
upvoted 1 times
...
28304e5
7 months, 2 weeks ago
Answer: D The question explicitly states that the credentials must be encrypted. AWS Systems Manager Parameter does not encrypt the parameters by default, so B does not work as it doesn't state that encryption has been enabled.
upvoted 1 times
...
rdiaz
9 months, 2 weeks ago
Selected Answer: B
parameter store is the most suitable option
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago