An IoT application has been built into the application CI/CD pipeline.
The application needs credentials to access other applications, APIs, and cloud resources.
When should the credentials be inserted into the application using the CI/CD process?
A. B. C. D.A.
The correct answer is D: during application build time.
When an IoT application needs to access other applications, APIs, and cloud resources, it requires authentication credentials to ensure that only authorized entities can access these resources. In a CI/CD pipeline, the application is built, tested, and deployed automatically, and it is important to ensure that the credentials are incorporated in the pipeline in a secure and efficient manner.
Hard-coding the credentials into the application code base (Option A) is not a recommended approach as it poses a security risk. If the code is leaked, anyone with access to the code can potentially access the resources associated with the credentials.
Inserting credentials during application runtime (Option B) can be time-consuming, and there is a risk of unauthorized access if the credentials are not stored securely. Moreover, manually inserting credentials into the application at runtime is prone to human error.
Inserting credentials after application testing (Option C) is not an ideal solution either, as it can lead to delays in the release of the application, and it can be challenging to track which credentials were used in which version of the application.
Inserting credentials during application build time (Option D) is the recommended approach as it ensures that the credentials are incorporated into the application in a secure and efficient manner. By incorporating the credentials into the build process, the credentials can be stored securely in a build server or a secure credential store, which can be accessed by the application during runtime. This approach also ensures that the credentials are not exposed in the source code or build artifacts, reducing the risk of unauthorized access.
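The contrast between Option A and Option D can be shown as a build step. This is an added example, not part of the original question or explanation; the `key = value` template format, the `${NAME}` placeholder syntax, and the key and secret names are assumptions made for illustration.

```python
import re

PLACEHOLDER = re.compile(r"\$\{([A-Z][A-Z0-9_]*)\}")
# Assumed naming convention: keys matching this must never hold a literal value in source.
SECRET_KEY = re.compile(r"(?i)(password|secret|token|api_?key)")

# Constructed sample: the config template as it would be committed to the repository.
TEMPLATE = """\
mqtt_host = broker.example.internal
mqtt_password = ${MQTT_PASSWORD}
cloud_api_key = ${CLOUD_API_KEY}
"""

def hardcoded_secrets(template):
    """Return credential-like keys that carry a literal value in source (Option A)."""
    found = []
    for line in template.splitlines():
        key, sep, value = line.partition("=")
        if sep and SECRET_KEY.search(key) and not PLACEHOLDER.fullmatch(value.strip()):
            found.append(key.strip())
    return found

def render(template, secrets):
    """Fill placeholders at build time from pipeline-supplied secrets (Option D)."""
    bad = hardcoded_secrets(template)
    if bad:
        raise ValueError(f"hard-coded credentials in source: {bad}")
    missing = sorted(set(PLACEHOLDER.findall(template)) - set(secrets))
    if missing:
        raise KeyError(f"secrets not provided by pipeline: {missing}")
    # A function replacement avoids backslash interpretation of secret values.
    return PLACEHOLDER.sub(lambda m: secrets[m.group(1)], template)

def redact(text, secrets):
    """Mask secret values before anything is written to the build log."""
    for value in secrets.values():
        if value:
            text = text.replace(value, "****")
    return text

if __name__ == "__main__":
    # Constructed values; in a pipeline these would come from the credential
    # store, for example exported by the CI system as environment variables.
    demo = {"MQTT_PASSWORD": "constructed-pw", "CLOUD_API_KEY": "constructed-key"}
    print(redact(render(TEMPLATE, demo), demo))
```

The build fails if a credential is committed as a literal or if the pipeline does not supply a required secret, and only the redacted form is printed to the log.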