A developer needs to store application configuration data, such as database connection strings and API keys, for a microservices application running on Amazon ECS. The configuration must be encrypted at rest and easily auditable. Which AWS service should the developer use?
Parameter Store is designed for configuration management, supports encryption, and integrates with CloudTrail for auditing.
Why this answer
Option C is correct because AWS Systems Manager Parameter Store can store configuration data securely, with encryption using KMS, and provides audit trails via CloudTrail. Option A is incorrect because S3 is not designed for parameter storage and would require additional setup for encryption and access control. Option B is incorrect because DynamoDB is a database, not a configuration store; it would require more overhead.
Option D is incorrect because Secrets Manager is more expensive and is specifically for secrets, not general application configuration.