Practice Test 3 | Google Cloud Certified Professional Cloud Architect | Dumps | Mock Test
You are working with a large finance company that is planning to use API keys in their application for accessing some Google Cloud API. According to Google’s best practices, what are the correct methods for securing API keys? Please select 2 options.
A. Do not place API keys directly into the application code
B. Use the same API key for different applications
C. Store the API keys into the code
D. Periodically Renew API keys
Options A & D are correct
As per Google’s API key best practices you should never place the API key directly into application code & renew API keys periodically
You should save the API keys as environment variables or in a secret management system.
Option B is incorrect because you should have a limited scope for each API key.
Option C is incorrect because as per Google’s best practices you should never store API keys directly into code.
Comments are closed, but trackbacks and pingbacks are open.