Summary
Keywords
Full Transcript
Aqui esta la pregunta del examen AWS Solutions Architect Associate ✳️ A company has an application that calls AWS Lambda functions. A code review shows that database credentials are stored in a Lambda function’s source code, which violates the company’s security policy. The credentials must be securely stored and must be automatically rotated on an ongoing basis to meet security policy requirements. What should a solutions architect recommend to meet these requirements in the MOST secure manner? 1️⃣ Store the password in AWS CloudHSM. Associate the Lambda function with a role that can use the key ID to retrieve the password from CloudHSM. Use CloudHSM to automatically rotate the password 2️⃣ Store the password in AWS Secrets Manager. Associate the Lambda function with a role that can use the secret ID to retrieve the password from Secrets Manager. Use Secrets Manager to automatically rotate the password 3️⃣ Store the password in AWS Key Management Service (AWS KMS). Associate the Lambda function with a role that can use the key ID to retrieve the password from AWS KMS. Use AWS KMS to automatically rotate the uploaded password 4️⃣ Move the database password to an environment variable that is associated with the Lambda function. Retrieve the password from the environment variable by invoking the function. Create a deployment script to automatically rotate the password En el video encontraras la respuesta con la explicacion ✅ Hazte MIEMBRO del canal para conseguir mas ventajas ✅ ➡️ https://www.youtube.com/channel/UCO8o2MP-i4jLXEuLmMQGFeA/join 🔷 Para estar al día de todo ahora también puedes encontrarme en Telegram ➡️ https://t.me/rubenjgarciacloud
