Which solution will meet these requirements with the LEAST operational overhead?

By:
On:
In: SAA-C03
Tagged:
With: 0 Comments
A company runs its databases on Amazon RDS for PostgreSQL.The company wants a secure solution to manage the master user password by rotating the password every 30 days.

Which solution will meet these requirements with the LEAST operational overhead?

Use Amazon EventBridge to schedule a custom AWS Lambda function to rotate the password every 30 days.

Use the modify-db-instance command in the AWS CLI to change the password.

Integrate AWS Secrets Manager with Amazon RDS for PostgreSQL to automate password rotation.

Integrate AWS Systems Manager Parameter Store with Amazon RDS for PostgreSQL to automate password rotation.

Explanations:

While using Amazon EventBridge to schedule a custom AWS Lambda function can automate password rotation, it requires creating and maintaining custom code, which adds operational overhead.

The modify-db-instance command in the AWS CLI can change the password, but this approach requires manual intervention every 30 days, increasing operational overhead and potential for human error.

Integrating AWS Secrets Manager with Amazon RDS for PostgreSQL allows for automated password rotation without manual intervention. Secrets Manager can handle the complexity of managing and rotating the password securely every 30 days, minimizing operational overhead.

Integrating AWS Systems Manager Parameter Store for password rotation is possible but not automated. It would also require additional scripting and management, leading to more operational overhead compared to AWS Secrets Manager.

Leave a Reply

Your email address will not be published. Required fields are marked *

nineteen − seventeen =