You have an Azure subscription that contains an Azure key vault named Vault1.
You plan to deploy multiple virtual machines that will host a custom app named App1. App1 will use secrets stored in Vault1. The virtual machines will be redeployed regularly based on the usage demands of App1.
You need to recommend a solution that will enable App1 to access the secrets stored in Vault1. The solution must meet the following requirements:
Minimize the number of security principals that can access Vault1.
Minimize the storage of sensitive data on the virtual machines.
Minimize administrative effort.
Which type of endpoint should App1 use to access the secrets, and which type of identity should App1 use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Submit