Which solution will meet these requirements with the LEAST operational overhead?
Store the credentials in AWS Systems Manager Parameter Store as a secure string. Configure automatic rotation with a rotation interval of 30 days.
Store the credentials in AWS Secrets Manager. Configure automatic rotation with a rotation interval of 30 days.
Store the credentials in a file in an Amazon S3 bucket. Deploy an AWS Lambda function to automatically rotate the credentials every 30 days.
Store the credentials in AWS Secrets Manager. Deploy an AWS Lambda function to automatically rotate the credentials every 30 days.
Explanations:
AWS Systems Manager Parameter Store does not have built-in support for automatic credential rotation for RDS, requiring custom Lambda functions for rotation.
AWS Secrets Manager supports automatic rotation of credentials with minimal overhead, including integration with Amazon RDS and a 30-day rotation interval.
Storing credentials in Amazon S3 with a custom Lambda function would require manual setup for credential rotation, resulting in more operational overhead.
While AWS Secrets Manager supports automatic rotation, a custom Lambda function is not necessary, as Secrets Manager can handle this automatically.