Topic 1 Question 371
A company hosts its application in the us-west-1 Region. The company wants to add redundancy in the us-east-1 Region.
The application secrets are stored in AWS Secrets Manager in us-west-1. A developer needs to replicate the secrets to us-east-1.
Which solution will meet this requirement?
Configure secret replication for each secret. Add us-east-1 as a replication Region. Choose an AWS Key Management Service (AWS KMS) key in us-east-1 to encrypt the replicated secrets.
Create a new secret in us-east-1 for each secret. Configure secret replication in us-east-1. Set the source to be the corresponding secret in us-west-1. Choose an AWS Key Management Service (AWS KMS) key in us-west-1 to encrypt the replicated secrets.
Create a replication rule for each secret. Set us-east-1 as the destination Region. Configure the rule to run during secret rotation. Choose an AWS Key Management Service (AWS KMS) key in us-east-1 to encrypt the replicated secrets.
Create a Secrets Manager lifecycle rule to replicate each secret to a new Amazon S3 bucket in us-west-1. Configure an S3 replication rule to replicate the secrets to us-east-1.
ユーザの投票
コメント(2)
- 正解だと思う選択肢: A
A - AWS Secrets Manager provides a built-in feature for cross-region replication of secrets. By configuring secret replication, you can add the us-east-1 Region as a replication destination. This ensures that the secrets are automatically and securely replicated from us-west-1 to us-east-1. You also have the option to specify an AWS KMS key in the destination region (us-east-1) to encrypt the replicated secrets, ensuring they are protected by encryption keys in the appropriate region.
👍 6rdiaz2024/07/11 - 正解だと思う選択肢: A
D has operational overhead so is A
👍 2KennethNg9232024/08/21
シャッフルモード