Question #791
A company needs to automatically rotate API keys for a third-party service integrated with their application every 90 days.
Which AWS service will fulfill this requirement with the LEAST operational effort?
AWS Systems Manager
AWS Secrets Manager
AWS License Manager
AWS Managed Services
Explanation
AWS Secrets Manager (B) is the correct answer because it natively supports automatic secret rotation, including API keys, using predefined or custom Lambda functions. It handles the rotation process, updates the secret, and ensures application integration without manual intervention.
Other options:
- A. AWS Systems Manager: Requires custom scripting and manual setup for rotation, increasing operational effort.
- C. AWS License Manager: Manages software licenses, unrelated to secret rotation.
- D. AWS Managed Services: Focuses on AWS infrastructure management, not secret handling.
Key Points:
1. Secrets Manager automates rotation on a schedule (e.g., 90 days).
2. Minimizes effort via built-in rotation workflows.
3. Other services lack native secret rotation capabilities.
Answer
The correct answer is: B