Your team is deploying a set of applications onto AWS. These applications work with multiple databases. You need to ensure that the database passwords are stored securely. Which of the following is the ideal way to store the database passwords?

Answer options:

A.Store them in separate Lambda functions which can be invoked via HTTPS.
B.Store them as secrets in AWS Secrets Manager.
C.Store them in separate DynamoDB tables.
D.Store them in separate S3 buckets.

Answer – B
This is mentioned in the AWS Documentation.
AWS Secrets Manager is an AWS service that makes it easier for you to manage secrets. Secrets can be database credentials, passwords, third-party API keys, and even arbitrary text. You can store and control access to these secrets centrally by using the Secrets Manager console, the Secrets Manager command-line interface (CLI), or the Secrets Manager API and SDKs.
Option A is incorrect because the Lambda function is a compute service and not used for storing credentials.
Option C is incorrect because DynamoDB is a NoSQL database service and not suitable for storing credentials.
Option D is incorrect because the S3 bucket is used to store objects and is not particularly designed to store credentials. It may have some security issues.
For more information on the Secrets Manager, please refer to the below URL-
https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html