Notifications
Clear all
Topic starter
Your Google Cloud Platform [GCP] admin has to manage a bunch of API keys for external services that are accessed by different applications, which are used by a few teams .
What is the best way to manage them?
- A . Share the information in a Github repository and grant access to the repo in IAM as required.
B. Store the information in Secret Manager and give IAM read permissions as re-quired.
C. Store the information in Kubernetes Secrets and only grant read permissions to users as required.
D. Encrypt the information and store it in Cloud Storage for centralized access. Give the decrypt key only to the users who need to access it.
Suggested Answer: B
Explanation:
Store the information in Secret Manager is a secure and convenient storage
system for API keys, passwords, certificates, and other sensitive data. Secret Manager
provides a central place and single source of truth to manage access, and audit secrets
across Google Cloud.
https://cloud.google.com/secret-manager
Explanation:
Store the information in Secret Manager is a secure and convenient storage
system for API keys, passwords, certificates, and other sensitive data. Secret Manager
provides a central place and single source of truth to manage access, and audit secrets
across Google Cloud.
https://cloud.google.com/secret-manager
Posted : 03/02/2023 7:19 pm