GH-200
Secure and optimize automation
hard
Question 1 of 28

A team wants a deployment workflow to exchange GitHub identity for a cloud access token without storing any cloud secret in the repository. What must they configure?

Aid-token: write permission and an OIDC trust relationship in the cloud provider
Bcontents: write permission and a repository secret containing the cloud key
CAn artifact attestation and a CODEOWNERS file
DA self-hosted runner and packages: write permission

More Secure and optimize automation Questions

28 questions

Full GitHub Actions Practice Test

All topics covered

All GitHub Actions Questions

Browse by topic

Related Questions

Why do GitHub Actions workflows use OpenID Connect with cloud providers?...

easy

What do artifact attestations help software consumers verify?...

easy

A workflow author wants to run a step only when a secret exists. What should they do?...

medium

A workflow runs for a pull request from a forked repository. Which credential behavior should the ma...

medium

A caller workflow wants a reusable workflow to use one of the caller's secrets. What must the caller...

medium
View all Secure and optimize automation questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account