A company runs a payment application on Amazon EC2 instances behind an Application Load Balance The EC2 instances run in an Auto Scaling group across multiple Availability Zones The application needs to retrieve application secrets during the application startup and export the secrets as environment variables These secrets must be encrypted at rest and need to be rotated every month.
Which solution will meet these requirements with the LEAST development effort?
AWS Secrets Manager:Built for managing secrets, providing encryption, automatic rotation, and access control.
Customer Master Key (CMK):Provides an extra layer of control over encryption through AWS KMS.
Automatic Rotation:Enhances security by regularly changing the secret.
User Data Script:Allows secrets retrieval at instance startup and sets them as environment variables for seamless use within the application.
AWS Secrets Manager Documentation:https://docs.aws.amazon.com/secretsmanager/
AWS KMS Documentation:https://docs.aws.amazon.com/kms/
User Data for EC2 Instances:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html
Loren
5 days agoPete
8 days agoLisha
16 days agoCassi
19 days agoLisha
21 days agoRaelene
25 days agoYoulanda
2 days agoDeonna
13 days agoXenia
14 days ago