DVA-C02 - Security - Section 2.7
Manage application secrets and configuration securely using AWS Secrets Manager and AWS Systems Manager Parameter Store with rotation and encrypted values.
Store database credentials and API keys in AWS Secrets Manager with automatic rotation, and use AWS Systems Manager Parameter Store for non-secret configuration with optional KMS encryption. Distinguish when each service is the better choice based on rotation needs, cost, and hierarchy requirements.
AWS Secrets ManagerAWS Systems Manager Parameter StoreSecret rotationEncrypted environment variables
More in this domain
Back to all Security objectives, or the DVA-C02 cert hub.
Examworthy is not affiliated with or endorsed by Amazon Web Services. Original, blueprint-aligned practice material only.