Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 951 discussion

C Explanation: AWS Secrets Manager is designed specifically for managing and automatically rotating credentials, including database credentials, API keys, and other secrets. It provides a secure and centralized place to store credentials and allows applications to retrieve them securely without hardcoding them in the application. Secrets Manager also offers built-in support for automatic rotation of credentials using Lambda functions, which reduces the manual effort needed for rotation and enhances security. This approach requires minimal programming effort because the application only needs to be configured to retrieve the credentials from Secrets Manager instead of being embedded within the application code.

A - AWS KMS is used for encryption and key management, not for storing and rotating credentials themselves. B - Why manually set up a cron job? C - Securely stores and manages sensitive information such as credentials, and provides native support for automatic rotation. D - Parameter Store doesn't provide automatic rotation.

The correct answer is C. Store the credentials in AWS Secrets Manager. Configure the application to load the database credentials from Secrets Manager. Set up a credentials rotation schedule by creating an AWS Lambda function for Secrets Manager. Explanation: Option C: Correct. AWS Secrets Manager is designed to securely store, manage, and retrieve database credentials. It supports automatic credentials rotation for Amazon RDS databases with minimal programming effort. Secrets Manager can automatically rotate the Amazon RDS database credentials using a built-in Lambda function, providing an integrated and secure solution for handling credentials.

AWS Secret manager securely stores data base user id and passwords

Answer is C