Exam4Training

What is the best way to manage them?

Your Google Cloud Platform [GCP] admin has to manage a bunch of API keys for external services that are accessed by different applications, which are used by a few teams.

What is the best way to manage them?
A . Share the information in a Github repository and grant access to the repo in IAM as required.
B. Store the information in Secret Manager and give IAM read permissions as re-quired.
C. Store the information in Kubernetes Secrets and only grant read permissions to users as required.
D. Encrypt the information and store it in Cloud Storage for centralized access. Give the decrypt key only to the users who need to access it.

Answer: B

Explanation:

Store the information in Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data. Secret Manager provides a central place and single source of truth to manage access, and audit secrets across Google Cloud.

https://cloud.google.com/secret-manager

Exit mobile version