A company hosts its application in the us-west-1 Region. The company wants to add redundancy in the us-east-1 Region.
The application secrets are stored in AWS Secrets Manager in us-west-1. A developer needs to replicate the secrets to us-east-1.
Which solution will meet this requirement?
To meet the requirement of replicating secrets from the us-west-1 Region to the us-east-1 Region, AWS Secrets Manager provides a built-in feature for secret replication. By configuring secret replication for each secret and adding us-east-1 as a replication Region, the secrets can be securely and automatically replicated. Additionally, specifying an AWS KMS key in us-east-1 ensures that the replicated secrets are encrypted with keys specific to that region, providing a secure and correct implementation.
A - AWS Secrets Manager provides a built-in feature for cross-region replication of secrets. By configuring secret replication, you can add the us-east-1 Region as a replication destination. This ensures that the secrets are automatically and securely replicated from us-west-1 to us-east-1. You also have the option to specify an AWS KMS key in the destination region (us-east-1) to encrypt the replicated secrets, ensuring they are protected by encryption keys in the appropriate region.