AWS Certified Developer Associate DVA-C02 Practice Question
A development team is building a set of microservices that will run on Amazon EC2 instances within a private VPC. All communication between these microservices must be encrypted using TLS. The team needs a solution to issue and manage private TLS certificates for these internal-facing services, which are not accessible from the public internet. Which AWS service should be used to create the private certificate authority (CA) and issue these certificates?
The correct service is AWS Private Certificate Authority (PCA). AWS Private CA is a managed service for creating and managing private certificate authorities, allowing you to issue private X.509 certificates for internal resources like servers, users, and applications within your own network. AWS Certificate Manager (ACM) is primarily used for provisioning and managing public and private SSL/TLS certificates for use with AWS services like ELB and CloudFront, but it does not create the CA itself; it uses a Private CA to issue private certificates. AWS Secrets Manager is used for storing and rotating secrets like passwords and API keys, not for issuing certificates. AWS Key Management Service (KMS) is for creating and managing cryptographic keys used for encryption, but it is not a certificate authority.