Examtopics

Professional Cloud Developer

  • Topic 1 Question 297

    You are developing a container build pipeline for an application hosted on GKE. You have the following requirements:

    • Only images that are created using your build pipeline should be deployed on your GKE cluster. • All code and build artifacts should remain within your environment and protected from data exfiltration.

    How should you build the pipeline?

      1. Create a build pipeline by using Cloud Build with the default worker pool.
      2. Deploy container images to a private container registry in your VPC.
      3. Create a VPC firewall policy in your project that denies all egress and ingress traffic to public networks.
      1. Create a build pipeline by using Cloud Build with a private worker pool.
      2. Use VPC Service Controls to place all components and services in your CI/CD pipeline inside a security perimeter.
      3. Configure your GKE cluster to only allow container images signed by Binary Authorization.
      1. Create a build pipeline by using Cloud Build with a private worker pool.
      2. Configure the CI/CD pipeline to build container images and store them in Artifact Registry.
      3. Configure Artifact Registry to encrypt container images by using customer-managed encryption keys (CMEK).
      1. Create a build pipeline by using Cloud Build with the default worker pool.
      2. Configure the CI/CD pipeline to build container images and store them in Artifact Registry.
      3. Configure your GKE cluster to only allow container images signed by Binary Authorization.
    シャッフルモード