Which solution will meet these requirements with the LEAST administrative overhead?
Use AWS AppConfig to store and manage the application configuration. Use AWS Secrets Manager to store and retrieve the credentials.
Use AWS Lambda to store and manage the application configuration. Use AWS Systems Manager Parameter Store to store and retrieve the credentials.
Use an encrypted application configuration file. Store the file in Amazon S3 for the application configuration. Create another S3 file to store and retrieve the credentials.
Use AWS AppConfig to store and manage the application configuration. Use Amazon RDS to store and retrieve the credentials.
Explanations:
AWS AppConfig is specifically designed for managing application configurations with minimal overhead, and AWS Secrets Manager provides a secure way to store and retrieve credentials, automating secret rotation and access management. This combination minimizes administrative tasks while ensuring security.
Although AWS Lambda can be used to manage application logic, it is not an ideal choice for managing application configuration. AWS Systems Manager Parameter Store can store credentials but lacks the advanced features of Secrets Manager for managing sensitive data, making this option less optimal for the requirements stated.
Using an encrypted application configuration file and storing it in Amazon S3 requires more administrative overhead for managing file encryption, access control, and retrieval. Additionally, S3 is not inherently designed for managing application configurations or secrets securely, making it a less efficient choice.
While AWS AppConfig is suitable for managing application configurations, Amazon RDS is not intended for storing credentials. RDS focuses on database management and does not provide features for securely managing sensitive information, making this option inappropriate for the requirement.