A retail company uses ephemeral tasks in a hosted microservices framework to process transactions. Development teams are concerned about storing secrets. Which measure is the best approach to protect sensitive details in this system?
Use environment variables for confidential data in ephemeral tasks
Require ephemeral tasks to include transaction details in logs
Encode secret files within the container repository before deployment
Adopt an external vault that supplies secrets dynamically at runtime
Using a dedicated vault to provide restricted secrets at runtime helps ensure that sensitive content is not stored within ephemeral processes or container images. Embedding confidential data in environment variables or container repositories can expose it to logs or unauthorized retrieval. Logging these details introduces additional risks by retaining records that may be accessed later.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an ephemeral task in a microservices framework?
Open an interactive chat with Bash
How does a vault supply secrets dynamically at runtime?
Open an interactive chat with Bash
Why are environment variables not recommended for storing sensitive data in ephemeral tasks?