🔥 3-day streak
Professional Cloud Security Engineer124 / 152
Question 124 of 152

A fintech company stores database credentials and API tokens in Secret Manager. Their security policy requires that (1) all secret payloads be encrypted with keys the company controls and can audit, and (2) the credentials must never leave the EU region for data-residency compliance. A developer needs read access to only one specific secret without being granted access to all secrets in the project. Which combination of configurations satisfies all these requirements?

Reviewed for accuracy · Report an issueNext question