Q80 — AWS DVA-C02 Ch.3

Question 80 of 100 | ← Chapter 3

A company needs to share information with a partner. The partner exposes an HTTP API endpoint, and the company uses an API key to access it. The company requires a secure method to manage the API key in code, ensuring API key integration with the application code does not impact application performance. Which solution most securely meets these requirements?

Correct Answer: A. Store the API credentials in AWS Secrets Manager. Retrieve the API credentials at runtime using the AWS SDK. Use the credentials for API calls.

Explanation

Storing API keys in source control (Option B) is insecure and violates security best practices. While Options C and D provide storage mechanisms, they lack native secret rotation, audit logging, and fine-grained access controls inherent to dedicated secret management services. AWS Secrets Manager is purpose-built for secure credential storage, offering automatic rotation, encryption at rest and in transit, granular IAM permissions, and audit trails via AWS CloudTrail—all without impacting application performance due to efficient SDK caching and low-latency retrieval. Thus, Option A is the most secure and appropriate solution. 【Provided by Lantern Certification: swufelp1999】