Google Exam Cloud Digital Leader Topic 8 Question 34 Discussion

Actual exam question for Google's Cloud Digital Leader exam

Question #: 34
Topic #: 8

Your Google Cloud Platform [GCP] admin has to manage a bunch of API keys for external services that are accessed by different applications, which are used by a few teams. What is the best way to manage them?

AShare the information in a Github repository and grant access to the repo in IAM as required.

BStore the information in Secret Manager and give IAM read permissions as re-quired.

CStore the information in Kubernetes Secrets and only grant read permissions to users as required.

DEncrypt the information and store it in Cloud Storage for centralized access. Give the decrypt key only to the users who need to access it.

Show Suggested Answer

Suggested Answer: A

by Fletcher at Feb 04, 2023, 09:37 AM

Limited Time Offer

25%

Off

Get Premium Cloud Digital Leader Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Armando

6 days ago

I prefer option D. Encrypting the information and storing it in Cloud Storage adds an extra layer of security, and only giving the decrypt key to authorized users minimizes the risk of unauthorized access.

upvoted 0 times

...

Cathrine

10 days ago

Kubernetes Secrets? Ugh, I'd rather not manage all that YAML just for some API keys. Secret Manager seems like the way to go.

upvoted 0 times

...

Nell

10 days ago

Storing API keys in a Github repo? Nope, too risky! Let's go with Secret Manager, it's the most secure option.

upvoted 0 times

...

Fannie

14 days ago

I agree with Blondell. Storing the information in Secret Manager with IAM read permissions ensures that only authorized users can access the API keys.

upvoted 0 times

...

Blondell

18 days ago

I think option B is the best way to manage API keys. Secret Manager provides a secure and centralized way to store sensitive information.

upvoted 0 times

...