Islamghanim
What is the difference between Storing the Passwords in S3 or DynamoDB ? As long as EC2 will assume role for both ?
1 Answers
Scott Pletcher
Storing credentials hard-coded anywhere is frowned upon pretty generally, but if you do have to store them, you need to encrypt them at rest. In the the quiz question you’re referring to, look closer at the S3 and Dynamo options. Only the S3 option offers storing them in encrypted form so that is the better answer of the two.
–Scott
DDB is encrypted at rest, though https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/EncryptionAtRest.html
I do think the question is a little silly. Most people would naturally reach for Secrets Manager in this situation.