Topic 1 Question 312
A SysOps administrator needs to secure the credentials for an Amazon RDS database that is created by an AWS CloudFormation template. The solution must encrypt the credentials and must support automatic rotation.
Which solution will meet these requirements?
Create an AWS::SecretsManager::Secret resource in the CloudF ormation template. Reference the credentials in the AWS::RDS::DBInstance resource by using the resolve:secretsmanager dynamic reference.
Create an AWS::SecretsManager::Secret resource in the CloudFormation template. Reference the credentials in the AWS::RDS::DBInstance resource by using the resolve:ssm-secure dynamic reference.
Create an AWS::SSM::Parameter resource in he CloudFormation template. Reference the credentias in the AWS::RDS::DBInstance resource by using the resolve:ssm dynamic reference.
Create parameters for the database credentials in the CloudFormation template. Use the Ref intrinsic function to provide the credentials to the AWS::RDS::DBInstance resource.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: A
AWS::SecretsManager::Secret resource to create secret and resolve:secretsmanager dynamic reference for AWS::RDS::DBInstance resource to reference it https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html
👍 4Gomer2023/06/12 - 正解だと思う選択肢: A
B and C are incorrect because the references are wrong:https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html
👍 2westernwolf2023/06/21 - 正解だと思う選択肢: A
By creating an AWS::SecretsManager::Secret resource in the CloudFormation template, you can store the database credentials securely.
👍 1nharaz2023/12/31
シャッフルモード