A developer is building a serverless application that uses the AWS Cloud Development Kit (AWS CDK) to deploy application infrastructure. The developer is creating an AWS Lambda function that queries an HTTP API. The API needs all requests to include an access token for authentication and authorization. The developer needs to store the access token securely and to give the Lambda function access to the token.
Which solution will meet these requirements?
A. Update the deployment environment to inject the access token as an environment variable. Update the AWS CDK stack to capture the access token. Set the access token as an environment variable of the Lambda function. Update the Lambda function's code to reference the environment variable.
B. Update the deployment environment to inject the access token as an environment variable. Update the AWS CDK stack to create an AWS Systems Manager Parameter Store String parameter. Set the value of the parameter from the environment variable. Update the Lambda function's execution role to allow the GetParameter action on the parameter. Update the Lambda function's code to use the AWS SDK to retrieve the access token from Parameter Store.
C. Update the AWS CDK stack to create an AWS Systems Manager Parameter Store String parameter. Update the Lambda function's execution role to allow the GetParameter action on the parameter. Manually set the access token in Parameter Store. Update the Lambda function's code to use the AWS SDK to retrieve the access token from Parameter Store.
D. Update the AWS CDK stack to create an AWS Secrets Manager secret. Configure the permissions for the secret and the Lambda function to allow the function to access the secret. Update the CloudFormation stack policy inside the AWS CDK stack to prevent updates to the secret. Manually set the access token in Secrets Manager. Update the Lambda function's code to use the AWS SDK to retrieve the access token from Secrets Manager.
Which solution will meet these requirements?
A. Update the deployment environment to inject the access token as an environment variable. Update the AWS CDK stack to capture the access token. Set the access token as an environment variable of the Lambda function. Update the Lambda function's code to reference the environment variable.
B. Update the deployment environment to inject the access token as an environment variable. Update the AWS CDK stack to create an AWS Systems Manager Parameter Store String parameter. Set the value of the parameter from the environment variable. Update the Lambda function's execution role to allow the GetParameter action on the parameter. Update the Lambda function's code to use the AWS SDK to retrieve the access token from Parameter Store.
C. Update the AWS CDK stack to create an AWS Systems Manager Parameter Store String parameter. Update the Lambda function's execution role to allow the GetParameter action on the parameter. Manually set the access token in Parameter Store. Update the Lambda function's code to use the AWS SDK to retrieve the access token from Parameter Store.
D. Update the AWS CDK stack to create an AWS Secrets Manager secret. Configure the permissions for the secret and the Lambda function to allow the function to access the secret. Update the CloudFormation stack policy inside the AWS CDK stack to prevent updates to the secret. Manually set the access token in Secrets Manager. Update the Lambda function's code to use the AWS SDK to retrieve the access token from Secrets Manager.