AWS Certified Cloud Practitioner (CLF-C02) — Question 152

A user wants to securely automate the management and rotation of credentials that are shared between applications, while spending the least amount of time on managing tasks.

Which AWS service or feature can be used to accomplish this?

Answer options

• A. AWS CloudHSM
• B. AWS Key Management Service (AWS KMS)
• C. AWS Secrets Manager
• D. Server-side encryption

Correct answer: C

Explanation

AWS Secrets Manager is specifically designed for managing and rotating secrets like credentials securely and efficiently, making it the best option for this scenario. AWS CloudHSM and AWS KMS focus more on key management and encryption rather than secret management, while server-side encryption is a general data protection measure that doesn't directly address credential rotation.