A company has a relational database workload that runs on Amazon Aurora MySQL. According to new compliance standards the company must rotate all database credentials every 30 days. The company needs a solution that maximizes security and minimizes development effort.
Which solution will meet these requirements?
To rotate database credentials every 30 days, the most secure and efficient solution is to store the database credentials in AWS Secrets Manager and configure automatic credential rotation for every 30 days. Secrets Manager can handle the rotation of the credentials in both the secret and the database, and it can use AWS KMS to encrypt the credentials. Option B is incorrect because it requires creating a custom Lambda function to rotate the credentials, which is more effort than using Secrets Manager. Option C is incorrect because it stores the database credentials in an environment file or a configuration file, which is less secure than using Secrets Manager. Option D is incorrect because it combines the drawbacks of option B and option C. Verified Reference:
https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html
https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_turn-on-for-other.html
Telma
5 months agoJamey
5 months agoHubert
6 months agoBrittani
6 months agoJamey
6 months agoNu
6 months agoShaquana
6 months agoTwana
6 months agoSabine
7 months agoMarta
7 months agoShawnda
7 months agoMabel
8 months agoGlory
8 months agoCaprice
7 months agoLeah
7 months agoKimberlie
8 months agoLuisa
8 months agoTawna
8 months agoHorace
8 months agoLynda
8 months agoMarvel
8 months agoKirk
8 months ago