A developer is migrating code to an AWS Lambda function that will an Amazon Aurora MySQL database. What is the MOST secure way to authenticate the function to the database?
A) Store the database credentials as encrypted parameters in AWS Systems Manager Parameters Store. Obtain the credentials from Systems Manager when the Lambda function needs to connect to the database.
B) Store the database credentials in AWS Secrets Manager. Let Secrets Manager handle the rotation of the credentials, as required.
C) Store the database credentials in an Amazon S3 bucket that has a restrictive bucket policy for the Lambda role when accessing the credentials. Use AWS KMS to encrypt the data.
D) Create a policy with rds-db:connect access to the database and attach it to the role assigned to the Lambda function.
Correct Answer:
Verified
Q134: A developer has written an AWS Lambda
Q135: A gaming application stores scores for players
Q136: A developer is creating a script to
Q137: Two containerized microservices are hosted on Amazon
Q138: An application is using a single-node Amazon
Q140: A developer is writing an application that
Q141: A developer is writing a web application
Q142: A developer is creating an AWS Lambda
Q143: An application needs to encrypt data that
Q144: An ecommerce startup is preparing for an
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents