ExpertAWS SAA-C03 · Question 04 · Domain 1.1: Secure Access
A company is running an application on Amazon EC2 instances. The application needs to connect to an Amazon RDS for MySQL database. The company wants to avoid storing database credentials in the application code or configuration files.<br/><br/>Which solution meets these requirements MOST securely?
A company is running an application on Amazon EC2 instances. The application needs to connect to an Amazon RDS for MySQL database. The company wants to avoid storing database credentials in the application code or configuration files.<br/><br/>Which solution meets these requirements MOST securely?
Answer options:
Store the database credentials in an encrypted Amazon S3 bucket. Have the EC2 instances download them at startup.
Enable IAM database authentication on the RDS instance. Attach an IAM role to the EC2 instances to grant access.
Store the database credentials in AWS Systems Manager Parameter Store as a SecureString.
Use AWS KMS to encrypt the credentials in the application code.
How to approach this question
Full Answer
Common mistakes
Practice the full AWS SAA-C03 Practice Exam 6
65 questions · hints · full answers · grading