You are the administrator of the Contoso financial group. You are responsible for security and automation within the "Production_Finance" Resource Group. You are required to automate creating a new VM with a username and password. However, it is deemed a security risk to add the credentials in plain text in the ARM template. What options do you have?
Make use of a secure string is correct, as you can reference the password in the Azure Key Vault without having to use cleartext. Do not use cleartext or credentials when it can be avoided at all costs. You always need credentials when creating a resource via the ARM template to login to the VM.