🔥 3-day streak
AWS Certified Solutions Architect - Professional154 / 186
Question 154 of 186

A financial services company is building a new microservices application on Amazon ECS Fargate that connects to an Amazon RDS for PostgreSQL database. Security auditors require that the database credentials be encrypted at rest, rotated automatically every 30 days without application downtime, and never stored in container images, task definitions, or environment variables in plaintext. The application must retrieve credentials at runtime using its task IAM role, and access must be scoped so each service can read only its own credential. Which solution meets all requirements with the least operational overhead?

Reviewed for accuracy · Report an issueNext question