Exam AZ-400 topic 4 question 66 discussion

Answer should be B. Creating secrets at the repository level ensures that it is available to all workflows within that repository.

B is the answer. https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository

I'm going with B, the question reads "You have A (one) GitHub repo". In this case, recreating it at the Org level would be an "over assignment".

For secrets stored at the organization-level, you can use access policies to control which repositories can use organization secrets. Organization-level secrets let you share secrets between multiple repositories, which reduces the need for creating duplicate secrets. Updating an organization secret in one location also ensures that the change takes effect in all repository workflows that use that secret. https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-encrypted-secrets-for-an-organization

since the question says all workflows but doesn't specify organization I infer that it is related to the repository B. Recreate the secret at the repository level.

I think A is correct https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization

all workflows inside the repository already have access to the environment secrets within this repository at the same time if we really need to be able to use secrets in ALL the repositories (within the any repo) we need recreate secrets on a higher level - organization - answer A

I choose A Recreating the secret at the repository level would not make it available to all the workflows, as repository secrets are only accessible within the repository they are defined in

its also possible to enable the approvers/reviewers for each worfklow to access the secret at environment level. The question doesn't give us a motive eg. easiest, most secure....