AWS Certified Cloud Practitioner — Question 850

What is the MOST secure way to store passwords on AWS?

Answer options

• A. Store passwords in an Amazon S3 bucket.
• B. Store passwords as AWS CloudFormation parameters.
• C. Store passwords in AWS Storage Gateway.
• D. Store passwords in AWS Secrets Manager.

Correct answer: D

Explanation

AWS Secrets Manager is purpose-built to securely encrypt, store, and automatically rotate sensitive credentials like passwords and API keys. While other services like Amazon S3 or AWS CloudFormation can store data, they lack the dedicated lifecycle management, automatic rotation, and specialized security controls designed for secrets.