Which AWS service can meet this requirement with the MINIMAL amount of operational overhead?
AWS Key Management Service (AWS KMS)
AWS Config
AWS Secrets Manager
Amazon GuardDuty
Explanations:
AWS Key Management Service (KMS) is used for managing cryptographic keys for your applications and encrypting data, but it does not specifically handle the storage of credentials or secrets directly. It requires additional implementation to use for storing and managing sensitive information.
AWS Config is a service for resource compliance and auditing. It tracks AWS resource configurations and changes over time but does not provide functionality for securely storing credentials or sensitive information.
AWS Secrets Manager is designed specifically for storing, managing, and retrieving secrets, such as API keys, database credentials, and other sensitive information. It automates secret rotation and provides a minimal operational overhead solution for securely managing credentials.
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior within your AWS account. It does not provide features for storing or managing credentials securely.