During an audit, a security team discovered that a development team was putting IAM user secret access keys in their code and then committing it to an AWS CodeCommit repository. The security team wants to automatically find and remediate instances of this security vulnerability. Which solution will ensure that the credentials are appropriately secured automatically?
A) Run a script nightly using AWS Systems Manager Run Command to search for credentials on the development instances. If found, use AWS Secrets Manager to rotate the credentials.
B) Use a scheduled AWS Lambda function to download and scan the application code from CodeCommit. If credentials are found, generate new credentials and store them in AWS KMS.
C) Configure Amazon Macie to scan for credentials in CodeCommit repositories. If credentials are found, trigger an AWS Lambda function to disable the credentials and notify the user.
D) Configure a CodeCommit trigger to invoke an AWS Lambda function to scan new code submissions for credentials. If credentials are found, disable them in AWS IAM and notify the user.
Correct Answer:
Verified
Q811: A company is serving files to its
Q812: A company is migrating its on-premises systems
Q813: The Principal element of an IAM policy
Q814: Your company hosts a social media website
Q815: Your company has recently extended its datacenter
Q817: A company has 50 AWS accounts that
Q818: In Amazon ElastiCache replication groups of Redis,
Q819: A company is running a legacy application
Q820: A company is using an existing orchestration
Q821: A company that provisions job boards for
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents