CodeBuild is being used during the deployment of an application.The application connects to an external database with database credentials being managed by Secrets Manager.
Where should the reference to the database credentials be specified?
Click on the arrows to vote for the correct answer
A. B. C. D.Answer: A.
Option A is CORRECT because CodeBuild uses the BuildSpec file as a specification of build commands and settings.
“secrets-manager” syntax can be used to retrieve database credentials stored in AWS Secrets Manager.
Option B is incorrect because Build Environment variables should NOT be used for storing sensitive information as they are displayed in plain text.
Option C is incorrect because CodeDeploy uses the AppSpec file to specify and manage deployments.
Option D is incorrect because CloudFormation templates are used by CloudFormation and not by CodeBuild.
Reference:
https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.htmlThe correct answer is B. CodeBuild Environment Variable.
In this scenario, the application connects to an external database with database credentials being managed by Secrets Manager. CodeBuild is being used during the deployment of the application, and the reference to the database credentials should be specified in CodeBuild Environment Variables.
CodeBuild is a fully managed continuous integration and continuous deployment (CI/CD) service that compiles source code, runs tests, and produces software packages that are ready to deploy. It allows you to specify environment variables that can be used during the build process. These variables can be used to store sensitive information, such as database credentials.
The BuildSpec file is used to define the build commands and settings for the build process. It is not used to specify environment variables.
The AppSpec file is used by AWS CodeDeploy to manage the deployment of applications. It is not used by CodeBuild.
CloudFormation templates are used to define and deploy infrastructure as code. They are not used to specify environment variables.
Therefore, the correct answer is B. CodeBuild Environment Variable, as environment variables can be used to store and reference the database credentials managed by Secrets Manager during the CodeBuild deployment process.