Which solution will meet these requirements?
Deploy an Amazon RDS Proxy layer in front of the DB instance. Store the connection credentials as a secret in AWS Secrets Manager.
Deploy an Amazon RDS Proxy layer in front of the DB instance. Store the connection credentials in AWS Systems Manager Parameter Store.
Create an Aurora Replica. Store the connection credentials as a secret in AWS Secrets Manager.
Create an Aurora Replica. Store the connection credentials in AWS Systems Manager Parameter Store.
Explanations:
Deploying an Amazon RDS Proxy in front of the Aurora MySQL DB instance helps manage connection pooling, thereby reducing the load on the database. Storing credentials in AWS Secrets Manager enhances security by encrypting credentials and allows for automatic rotation. This meets the requirement of handling connection loads while keeping credentials secure.
While using Amazon RDS Proxy improves connection handling, storing credentials in AWS Systems Manager Parameter Store does not provide automatic credential rotation like AWS Secrets Manager does. Therefore, it fails to meet the security requirement for rotating credentials.
Creating an Aurora Replica can help with read scaling but does not address the connection overload issue for write operations. Furthermore, storing credentials in AWS Secrets Manager alone does not improve the database’s ability to handle high connection loads, making this option inadequate.
Similar to option C, creating an Aurora Replica does not address the primary issue of overloaded connections for insert operations. While AWS Systems Manager Parameter Store can securely store credentials, it does not offer automatic credential rotation, which is a requirement. Hence, this option is not suitable.