devops video for a company has hired you as an AWS Certified DevOps Engineer - Professional to provide recommendations for a failed security audit of its
A company has hired you as an AWS Certified DevOps Engineer - Professional to provide recommendations for a failed security audit of its flagship project. You have been tasked to review the company's buildspec.yaml file for its AWS CodeBuild project. Upon investigation, you have noticed that the file has hard-coded values for the environment variables that reference the AWS Access Key ID , Secret Access Key , and the database password. In addition, to perform one-time configuration changes during the build phase, the file has commands to ssh and scp into an EC2 instance using an SSH private key stored on Amazon S3. What changes would you recommend to comply with AWS security best practices? (Select three)