AZ-305 · Question 15 · Domain 1.4: Application Identities
You are designing an API architecture using Azure API Management (APIM). The backend APIs require a shared access key for authentication.
To meet security compliance, the shared access key must be stored in Azure Key Vault and rotated every 30 days. APIM must automatically use the latest version of the key without requiring manual configuration updates or APIM downtime.
Which TWO actions must you perform to achieve this? (Select TWO)
Answer options:
Enable a Managed Identity on the APIM instance and grant it Key Vault Secrets User role.
Reference the Key Vault secret in APIM using a Named Value without specifying the secret version.
Reference the Key Vault secret in APIM using a Named Value and explicitly specify the latest secret version.
Configure an Azure Event Grid subscription to trigger an APIM restart when the Key Vault secret changes.
Store the shared access key directly in APIM as a secure Named Value.
55 questions · hints · full answers · grading
Expert