A development team stores its Amazon RDS MySQL DB instance user name and password credentials in a configuration file. The configuration file is stored as plaintext on the root device volume of the team's Amazon EC2 instance. When the team's application needs to reach the database, it reads the file and loads the credentials into the code. The team has modified the permissions of the configuration file so that only the application can read its content. A solution architect must design a more secure solution. What should the solutions architect do to meet this requirement?
A) Store the configuration file in Amazon S3. Grant the application access to read the configuration file.
B) Create an IAM role with permission to access the database. Attach this IAM role to the EC2 instance.
C) Enable SSL connections on the database instance. Alter the database user to require SSL when logging in.
D) Move the configuration file to an EC2 instance store, and create an Amazon Machine Image (AMI) of the instance. Launch new instances from this AMI.
Correct Answer:
Verified
Q348: A company is moving its on-premises applications
Q349: A company hosts a training site on
Q350: A company is building an application on
Q351: A company is running a multi-tier ecommerce
Q352: A company is working with an external
Q354: A meteorological startup company has a custom
Q355: A company has an ecommerce application that
Q356: A company hosts its application using Amazon
Q357: A company runs a production application on
Q358: A solutions architect is designing an architecture
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents