AWS Certified Developer – Associate (DVA-C02) — Question 281

A developer manages three AWS accounts. Each account contains an Amazon RDS DB instance in a private subnet. The developer needs to define users in each database in a consistent way. The developer must ensure that the same users are created and updated later in all three accounts.

Which solution will meet these requirements with the MOST operational efficiency?

Answer options

• A. Create an AWS CloudFormation template. Declare the users in the template. Attach the users to the database. Deploy the template in each account.
• B. Create an AWS CloudFormation template that contains a custom resource to create the users in the database. Deploy the template in each account.
• C. Write a script that creates the users. Deploy an Amazon EC2 instance in each account to run the script on the databases. Run the script in each account.
• D. Implement an AWS Lambda function that creates the users in the database. Provide the function with the details of all three accounts.

Correct answer: B

Explanation

AWS CloudFormation does not natively support managing database-level users inside an Amazon RDS instance, which makes a custom resource necessary to handle the user creation and updates. Utilizing a CloudFormation template with a custom resource allows for consistent, automated, and declarative state management across all three accounts. Other options, such as running scripts on Amazon EC2 instances or managing cross-account AWS Lambda functions manually, introduce significant operational overhead and lack the native lifecycle management provided by CloudFormation.