Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam DVA-C02 Topic 2 Question 40 Discussion

Actual exam question for Amazon's DVA-C02 exam
Question #: 40
Topic #: 2
[All DVA-C02 Questions]

A company runs a payment application on Amazon EC2 instances behind an Application Load Balance The EC2 instances run in an Auto Scaling group across multiple Availability Zones The application needs to retrieve application secrets during the application startup and export the secrets as environment variables These secrets must be encrypted at rest and need to be rotated every month.

Which solution will meet these requirements with the LEAST development effort?

Show Suggested Answer Hide Answer
Suggested Answer: D

AWS Secrets Manager:Built for managing secrets, providing encryption, automatic rotation, and access control.

Customer Master Key (CMK):Provides an extra layer of control over encryption through AWS KMS.

Automatic Rotation:Enhances security by regularly changing the secret.

User Data Script:Allows secrets retrieval at instance startup and sets them as environment variables for seamless use within the application.


AWS Secrets Manager Documentation:https://docs.aws.amazon.com/secretsmanager/

AWS KMS Documentation:https://docs.aws.amazon.com/kms/

User Data for EC2 Instances:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html

Contribute your Thoughts:

Loren
5 days ago
Hmm, Option D with Secrets Manager seems tempting, but I'm not sure it's worth the extra effort compared to B. Sometimes the simplest solution is the best.
upvoted 0 times
...
Pete
8 days ago
Option B is like the Swiss Army knife of secret management - it just works, no fuss!
upvoted 0 times
...
Lisha
16 days ago
That's a valid point, Cassi. Option B does seem like a straightforward solution as well. It's a tough choice between D and B.
upvoted 0 times
...
Cassi
19 days ago
I disagree, I believe option B is the way to go. Using AWS Systems Manager Parameter Store and AWS KMS key seems simpler to implement.
upvoted 0 times
...
Lisha
21 days ago
I think option D is the best choice. It's the easiest way to store and rotate secrets securely.
upvoted 0 times
...
Raelene
25 days ago
Option B seems the most straightforward. Using Parameter Store and KMS is a well-established approach with minimal development effort.
upvoted 0 times
Youlanda
2 days ago
I think we should go with option B for the least amount of effort.
upvoted 0 times
...
Deonna
13 days ago
Yeah, it's a simple setup and doesn't require much development work.
upvoted 0 times
...
Xenia
14 days ago
I agree, option B with Parameter Store and KMS seems like the easiest solution.
upvoted 0 times
...
...

Save Cancel