This certification preparation material will help you get jobs in the AWS field.



When applying for a job, mention that you were referred by: admin@hadoopexam.com | Website: http://www.HadoopExam.com


 

Question 25: Your web application is installed on an AWS EC2 instance, and its data will be stored in Amazon Aurora. For HIPAA compliance, the username, password and database connection string must be kept in encrypted form. These secrets also cannot be stored with the code; they must be kept in a separate secret store. Hence, you are using AWS Secrets Manager and storing the secret values in the secretString element. Now ............................. Which is the best solution for accessing the secret dynamically from the code running on the EC2 instance?

  1. You will create an IAM policy and attach it to AWS Secrets Manager. In the IAM policy you will specify the EC2 role as the Principal. This role will have permission to access the secret.
  2. You will create an IAM policy and attach it to both AWS Secrets Manager and the KMS keys, with the EC2 role named in the Principal element. This EC2 role will have permission to access the secret as well as the KMS CMK.
  3. Correct Answer
  4. You will mark the EC2 instance role as a trusted service in both KMS and AWS Secrets Manager.
