AWS Certified Database – Specialty — Question 314

A company has an ecommerce website that runs on AWS. The website uses an Amazon RDS for MySQL database. A database specialist wants to enforce the use of temporary credentials to access the database.
Which solution will meet this requirement?

Answer options

• A. Use MySQL native database authentication.
• B. Use AWS Secrets Manager to rotate the credentials.
• C. Use AWS Identity and Access Management (IAM) database authentication.
• D. Use AWS Systems Manager Parameter Store for authentication.

Correct answer: C

Explanation

AWS Identity and Access Management (IAM) database authentication allows users to connect to Amazon RDS for MySQL using an IAM role or user and a short-lived authentication token instead of a password. These tokens automatically expire after 15 minutes, fulfilling the requirement for temporary credentials. Other options like native authentication or Secrets Manager rotation still rely on static or periodically rotated passwords rather than true temporary, token-based credentials.