AWS Certified Solutions Architect Associate SAA-C03 Practice Question
An application running in EC2 instances needs a secure way to manage sensitive information such as database credentials and API keys programmatically. Which service should the application use to securely handle and retrieve this sensitive data?
AWS Secrets Manager is designed to help you store, manage, and retrieve sensitive information such as database credentials and API keys securely. It allows applications to retrieve secrets programmatically and supports automatic rotation of credentials. This enhances security by eliminating hardcoded secrets in your application source code.
Amazon Cognito is used for user identity and access management, primarily for user authentication in web and mobile apps.
AWS Certificate Manager (ACM) is used to provision, manage, and deploy SSL/TLS certificates, not for storing application secrets.
Amazon S3 is an object storage service. While you could store data there, it is not designed for securely managing and retrieving application secrets.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS Secrets Manager, and how does it work?
Open an interactive chat with Bash
What does it mean to automatically rotate credentials?
Open an interactive chat with Bash
Why should sensitive data not be hardcoded in application source code?