Amazon Web Services SAA-C03 Exam With Confidence Using Practice Dumps

The correct answer is A because the company needs to rotate database credentials every 30 days while maximizing security and minimizing development effort. AWS Secrets Manager is the AWS service specifically designed to store, manage, and rotate secrets such as database usernames and passwords. It supports automatic rotation for supported databases, including Amazon Aurora MySQL , which makes it the most secure and operationally efficient solution.

With Secrets Manager, credentials are encrypted at rest, access can be controlled through IAM policies, and applications can retrieve secrets programmatically without embedding them in source code or configuration files. Automatic rotation reduces the risk associated with static credentials and helps meet compliance requirements with minimal manual work. Because rotation is built into the service, the development effort is significantly lower than creating and maintaining custom rotation logic.

Option B can work, but it requires building and operating a custom Lambda rotation function , which adds complexity compared with the native automation available in Secrets Manager. Options C and D are not best practices because storing credentials in environment files or configuration files increases security risk and does not provide a managed secrets lifecycle.

AWS security best practices recommend centralizing sensitive credentials in AWS Secrets Manager and enabling automatic rotation whenever possible. This improves security posture, reduces operational overhead, and aligns directly with compliance requirements for regular credential changes. Therefore, storing Aurora MySQL credentials in Secrets Manager with 30-day automatic rotation is the best solution.

Comprehensive and Detailed Step-by-Step Explanation:

The company needsautomatic monitoringandnotificationsforsecurity violationsin Amazon Redshift clusters.

Option A:❌

Create an Amazon EventBridge rule that uses the Redshift clusters as the source. Create an AWS Lambda function to evaluate the Redshift cluster security configuration. Configure the Lambda function to notify the company of any violations of the security policies. Add the Lambda function as a target of the EventBridge rule.

EventBridgecan trigger actionsbased on events.

However, itdoes not track changesin Redshift security configurations.

Why not?AWS Configis bettersuited forcompliance monitoring.

Amazon FSx for Lustre is a high-performance file system optimized for fast processing of workloads such as machine learning, high-performance computing (HPC), and video processing. It integrates natively with Amazon S3, allowing you to:

Access S3 Data: FSx for Lustre can be linked to an S3 bucket, presenting S3 objects as files in the file system.

High Performance: It provides sub-millisecond latencies, high throughput, and millions of IOPS, which are ideal for ML workloads.Amazon Web Services, Inc.

Minimal Operational Overhead: Being a fully managed service, it reduces the complexity of setting up and managing high-performance file systems.