Domain 2.3: Security Controls — AWS SAP-C02 Practice Question 31

How to approach this question

Identify the service specifically designed for database credential rotation.

Full Answer

B.Store the password in AWS Secrets Manager and configure automatic rotation using an AWS Lambda function.✓ Correct

AWS Secrets Manager is specifically designed to manage, retrieve, and automatically rotate database credentials. It provides built-in integration with Amazon RDS and uses Lambda functions to safely rotate the password without causing application downtime.

Common mistakes

Confusing KMS key rotation with database password rotation.

A company is building a new application using AWS CDK. The application requires a database password to connect to Amazon RDS. The security team mandates that the password must be automatically rotated every 30 days without any application downtime. Which solution meets these requirements?

How to approach this question

Full Answer

Common mistakes

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 4

More questions from this exam