AWS Certified Cloud Practitioner Practice Exam 2025 - Free AWS Practice Questions and Study Guide

The correct choice for managing application secrets, such as database credentials and API keys, is AWS Secrets Manager. This service is designed specifically for storing, retrieving, and managing sensitive information securely. Secrets Manager allows users to easily create and control access to secrets, automatically rotate them without the need for code changes, and integrate seamlessly with other AWS services.

AWS Secrets Manager also provides the capability to encrypt secrets at rest and in transit, ensuring that sensitive information is protected. Furthermore, it simplifies the process of managing secrets when developing applications, allowing developers and system administrators to focus on building applications rather than handling sensitive data security.

While other services like AWS Key Management Service are important for managing encryption keys, they do not directly manage secrets like API keys or credentials. Similarly, AWS Identity and Access Management is primarily focused on managing user permissions and access rather than storing secrets. Amazon S3 is a storage service that can hold data but is not tailored for managing sensitive application secrets.