A company is running batch workloads that use containers on Amazon Elastic Container Service (Amazon ECS). The company needs a secure solution for storing API keys that are required for integration with external services. The company's security policy states that API keys must not be stored or transmitted in plaintext. The company's IT team currently rotates the API keys manually.
A security engineer must recommend a solution that meets the security requirements and automates the rotation of the API keys
Which solution should the security engineer recommend?

A. Use a secure string parameter in AWS Systems Manager Parameter Store. Activate the feature for automatic rotation.

B. Use Amazon EC2 user data for storing the API keys. Set up a scheduled AWS Lambda function to automatically rotate the API keys.

C. Use AWS Fargate to store the API keys. Set up a scheduled AWS Lambda function to automatically rotate the API keys.

D. Use AWS Secrets Manager to store the API keys. Reference the API keys in the container definition.








 

Suggested Answer: C

Community Answer: D




This question is in SCS-C01 AWS Certified Security – Specialty Exam
For getting AWS Certified Security – Specialty Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.