Which method best maintains confidentiality for credentials when automating resource creation from a command-line environment that does not include built-in credential management?
Embedding login details directly in the code
Using a secure secret storage service that rotates keys on a set schedule
Placing access data in a version-controlled script repository
Storing the keys in environment variables on the host system
Placing credentials in a secure secret storage service with a rotation method reduces exposure in logs or repositories. Alternatives, such as storing keys in environment variables or version-controlled repositories, risk unauthorized retrieval. Embedding login details in code is also unsafe, since the credentials are visible whenever the code is accessed.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a secure secret storage service?
Open an interactive chat with Bash
Why is key rotation important for security?
Open an interactive chat with Bash
What is the risk of storing credentials in code or version control?