SAA-C03 · Review mode

A software development company is using serverless computing with AWS Lambda to build and run applications without having to set up or manage ser vers. They have a Lambda function that connects to a MongoDB Atlas, which is a popular Database as a Ser vice (DBaaS) platform and also uses a third party A PI to fetch certain data for their application. One of th e developers was instructed to create the environme nt variables for the MongoDB database hostname, username, and pa ssword as well as the API credentials that will be used by the Lambda function for DEV, SIT, UAT, and PROD environments. Considering that the Lambda function is storing sen sitive database and API credentials, how can this information be secured to prevent other developers in the team, or anyone, from seeing these credentia ls in plain text? Select the best option that provides ma ximum security.

• AA. Enable SSL encryption that leverages on AWS Cloud HSM to store and encrypt the sensitive information.
• BB. AWS Lambda does not provide encryption for the en vironment variables. Deploy your code
• CC. There is no need to do anything because, by defau lt, AWS Lambda already encrypts the environment
• DD. Create a new KMS key and use it to enable encrypt ion helpers that leverage on AWS Key Management