Prev Question
Next Question

You are using a configuration management system to manage your Amazon EC2 instances. On your Amazon EC2
Instances, you want to store credentials for connecting to an Amazon RDS DB instance. How should you securely store
these credentials?

Give the Amazon EC2 instances an IAM role that allows read access to a private Amazon S3 bucket.
Store a file with database credentials in the Amazon S3 bucket.
Have your configuration management system pull the file from the bucket when it is needed.

Launch an Amazon EC2 instance and use the configuration management system to bootstrap the instance with the Amazon RDS DB
Create an AMI from this instance.

Store the Amazon RDS DB credentials in Amazon EC2 user data.
Import the credentials into the Instance on boot.

Assign an IAM role to your Amazon RDS instance, and use this IAM role to access the Amazon RDS DB from your Amazon EC2

Store your credentials in your version control system, in plaintext.
Check out a copy of your credentials from the version control system on boot.
Use Amazon EBS encryption on the volume storing the Amazon RDS DB credentials.

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *