You are designing a large distributed application with 30 microservices. Each of your distributed microservices needs to connect to a database back-end. You want to store the credentials securely. Where should you store the credentials?
Choose an answer
Tap an option to check your answer.
Correct answer: In a secret management system.
Why this is the answer
Storing credentials in a secret management system, such as Google Secret Manager, is the most secure and recommended practice. It centralizes secret storage, provides versioning, auditing, and fine-grained access control, reducing the risk of exposure. Storing credentials in source code is highly insecure as they become part of the repository and are easily discoverable. Environment variables are better than source code but can still be exposed through process introspection or logs, and lack centralized management and auditing. While a config file with restricted ACLs offers some protection, it's still a static file that can be compromised, and managing access across 30 microservices becomes complex and error-prone compared to a dedicated secret management system.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed