🔥 3-day streak
AWS Certified Security - Specialty152 / 184
Question 152 of 184

A security engineer must store database credentials for a fleet of applications. The requirements are: automatic credential rotation every 30 days without custom code for a supported Amazon RDS engine, encryption at rest with a customer managed KMS key, and per-secret resource policies to grant read access to specific IAM roles. Which AWS service and configuration best meets ALL of these requirements at the lowest operational overhead?

Reviewed for accuracy · Report an issueNext question