Explanation:
The question asks about limitations of Databricks Secrets. Here's the analysis:
dbutils.secrets.get), users can programmatically expose it (e.g., iterating and printing characters), bypassing redaction.GET /api/2.0/secrets/get endpoint returns secrets in plain text if the personal access token (PAT) has sufficient permissions. While the option mentions 'list,' the critical limitation is that secrets can be retrieved via the API with proper credentials.Thus, the limitations are D (programmatic exposure) and E (API retrieval with valid PAT).
Ultimate access to all questions.
No comments yet.
Which statement accurately describes a limitation of the Databricks Secrets utility despite its ability to securely store sensitive credentials and prevent plaintext exposure?
A
Because the SHA256 hash is used to obfuscate stored secrets, reversing this hash will display the value in plain text.
B
Account administrators can see all secrets in plain text by logging on to the Databricks Accounts console.
C
Secrets are stored in an administrators-only table within the Hive Metastore; database administrators have permission to query this table by default.
D
Iterating through a stored secret and printing each character will display secret contents in plain text.
E
The Databricks REST API can be used to list secrets in plain text if the personal access token has proper credentials.