
Explanation:
The question focuses on security best practices for production deployment of LLM applications using Databricks Foundation Model APIs. Option B (using access tokens belonging to service principals) is the correct choice because service principals provide machine-to-machine authentication without human intervention, offer better security through managed identities, and align with production security standards. Option A (OAuth machine-to-machine) is mentioned in the community discussion as a best practice on cloud platforms in general but is not natively supported by Databricks Foundation Model APIs. Option C (using any workspace user's token) is insecure for production because it relies on individual user credentials. Option D (frequently rotated tokens) addresses token rotation but doesn't specify the optimal token type, and rotation alone doesn't make it the primary best-practice choice.
A Generative AI Engineer is preparing to deploy an LLM application built with Foundation Model APIs and wants to adhere to security best practices for a production environment. Which authentication method should they select?
A. Use OAuth machine-to-machine authentication
B. Use an access token belonging to service principals
C. Use an access token belonging to any workspace user
D. Use a frequently rotated access token belonging to either a workspace user or a service principal