🔥 3-day streak
AWS Certified Machine Learning Engineer - Associate183 / 194
Question 183 of 194

A machine learning team runs a nightly SageMaker training job that pulls features from an Amazon RDS PostgreSQL database. The database credentials are currently hardcoded in the training script stored in a Git repository, and a recent security audit flagged this as a critical finding. The team must remove the plaintext credentials, support automatic credential rotation without code changes, and grant the training job least-privilege access to retrieve the secret at runtime. Which approach best satisfies these requirements?

Reviewed for accuracy · Report an issueNext question