Answer-first summary for fast verification
Answer: Create a secret via the CLI and configure secret rotation. Store the credentials in the secret. Configure the application to get the credentials from Secrets Manager using secret versions and update the secret version used by the application after every rotation and disable previous versions.
Options A and B are incorrect as they do not follow best practices. Storing credentials in the application or injecting them via CI/CD is not recommended because it means the credentials are stored in the application code. Option C is incorrect because secret rotation cannot be configured via the console. Option D is correct because secret rotation policies can only be implemented through the API or gcloud commands, aligning with best practices for securely managing and rotating credentials.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are developing a mobile application for a financial institution with a key security requirement to change application passwords frequently. The application consists of a frontend on Google Kubernetes Engine and a database on Google Cloud SQL. How can you securely pass database credentials to the application at runtime while meeting the security requirement, following best practices?
A
Use the CI/CD pipeline to inject the credentials into the application at deployment.
B
Store the credentials in the application code and update it as needed by releasing new versions/updates to the application.
C
Create a secret via the console and configure secret rotation. Store the credentials in the secret. Configure the application to get the credentials from Secrets Manager using secret versions and update the secret version used by the application after every rotation and disable previous versions.
D
Create a secret via the CLI and configure secret rotation. Store the credentials in the secret. Configure the application to get the credentials from Secrets Manager using secret versions and update the secret version used by the application after every rotation and disable previous versions.
No comments yet.