Answer-first summary for fast verification
Answer: In Secret Manager
Storing credentials in source code files (Option B) is insecure as they're easily discoverable in plain text. Environment variables (Option A) are also insecure because they're available in plain text and accessible to applications on the server. ACLs restricted config files (Option D) require manual access management and still risk exposure in plain text. **Secret Manager (Option C)** is the correct choice as it's designed for secure storage of sensitive data like API keys and passwords, offering fine-grained access control and encryption to ensure credentials are securely stored and accessed only by authorized services or users. For more information, refer to [Google Cloud's documentation on Secret Manager](https://cloud.google.com/secret-manager) and [Kubernetes Engine's concepts on secrets](https://cloud.google.com/kubernetes-engine/docs/concepts/secret).
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
As the chief of DevSecOps at a large credit card company with an app hosted on GCP, you're responsible for securely storing credentials used by 35 distributed backend microservices to connect to a non-relational database. What is the most secure method to store these credentials?
A
In an environment variable
B
In the source code files
C
In Secret Manager
D
In ACLs restricted config file