Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 3 Question 27 Discussion

Actual exam question for HashiCorp's Vault-Associate exam
Question #: 27
Topic #: 3
[All Vault-Associate Questions]

A developer mistakenly committed code that contained AWS S3 credentials into a public repository. You have been tasked with revoking the AWS S3 credential that was in the code. This credential was created using Vault's AWS secrets engine and the developer received the following output when requesting a credential from Vault.

Which Vault command will revoke the lease and remove the credential from AWS?

Show Suggested Answer Hide Answer
Suggested Answer: A

The correct answer is A because the lease ID is the unique identifier for the credential. The lease ID is used to revoke the credential using the vault lease revoke command. This command will invalidate the credential immediately and prevent any further renewals.It will also delete the access key and secret key from AWS, rendering them useless1. The access key and secret key are not sufficient to revoke the credential, as they are not recognized by Vault. The lease ID is composed of the path of the secrets engine, the role name, and a random UUID. In this case, the path is aws/creds, the role name is s3-access, and the UUID is f3e92392-7d9c-99c8-c921-57Sd62fe89d8.


lease revoke - Command | Vault | HashiCorp Developer

by Katy at Sep 16, 2024, 01:51 PM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Sylvie
9 months ago
Option B looks like a typo, and C seems to be missing the 'lease' keyword. A or D, that's my bet.
upvoted 0 times
...
Luis
9 months ago
This is why we can't have nice things. Seriously, who committed that code? *facepalm*
upvoted 0 times
Alease
8 months ago
C) vault lease revoke f3e92392-7d9c-O9c8-c921-575d62fe80d8
upvoted 0 times
...
Kimbery
9 months ago
B) vault lease revoke AKIAI0WQXTLW36DV7IEA
upvoted 0 times
...
Della
9 months ago
A) vault lease revoke aws/creds/s3-access/f3e92392-7d9c-99c8-c921-57Sd62fe89d8
upvoted 0 times
...
...
Sina
10 months ago
I'm not sure, but I think option B makes sense because it matches the access key in the output.
upvoted 0 times
...
Rozella
10 months ago
I agree with Aileen, option B seems to be the right choice based on the output from Vault.
upvoted 0 times
...
Aileen
10 months ago
I think the correct answer is B) vault lease revoke AKIAI0WQXTLW36DV7IEA.
upvoted 0 times
...
Sena
10 months ago
Hmm, D seems like the most direct approach. Time to get that credential revoked!
upvoted 0 times
Erinn
9 months ago
Good call, let's not waste any time.
upvoted 0 times
...
Annmarie
9 months ago
Agreed, let's revoke that credential quickly.
upvoted 0 times
...
Phyliss
10 months ago
I think D is the way to go.
upvoted 0 times
...
...
Janna
10 months ago
Option A looks promising, but I'll double-check the output just to be sure.
upvoted 0 times
...
Pansy
10 months ago
Aha, so the secret is in the lease ID! Gotta love Vault's granularity.
upvoted 0 times
Janey
9 months ago
D) vault lease revoke access_key-AKIAI0WQXTLW36DV7IEA
upvoted 0 times
...
Abraham
9 months ago
C) vault lease revoke f3e92392-7d9c-O9c8-c921-575d62fe80d8
upvoted 0 times
...
Odette
9 months ago
B) vault lease revoke AKIAI0WQXTLW36DV7IEA
upvoted 0 times
...
Franchesca
9 months ago
A) vault lease revoke aws/creds/s3-access/f3e92392-7d9c-99c8-c921-57Sd62fe89d8
upvoted 0 times
...
Abel
10 months ago
B) vault lease revoke AKIAI0WQXTLW36DV7IEA
upvoted 0 times
...
Elly
10 months ago
A) vault lease revoke aws/creds/s3-access/f3e92392-7d9c-99c8-c921-57Sd62fe89d8
upvoted 0 times
...
...

Save Cancel