A security engineer must recommend a solution that meets the security requirements and automates the rotation of the API keysWhich solution should the security engineer recommend?
Use a secure string parameter in AWS Systems Manager Parameter Store. Activate the feature for automatic rotation.
Use Amazon EC2 user data for storing the API keys. Set up a scheduled AWS Lambda function to automatically rotate the API keys.
Use AWS Fargate to store the API keys. Set up a scheduled AWS Lambda function to automatically rotate the API keys.
Use AWS Secrets Manager to store the API keys. Reference the API keys in the container definition.
Explanations:
AWS Systems Manager Parameter Store can store API keys securely, but automatic rotation of API keys is not natively supported without external integration or additional Lambda functions.
EC2 user data is not a secure solution for storing API keys as it is not encrypted by default and can expose sensitive data. This approach also doesn’t offer automated rotation natively.
AWS Fargate is a compute engine for running containers and does not provide a mechanism for securely storing API keys or rotating them.
AWS Secrets Manager is designed for securely storing and automatically rotating sensitive information like API keys. It can be referenced directly in container definitions, ensuring security and automation.