Topic 1 Question 114
Your organization is using Helm to package containerized applications. Your applications reference both public and private charts. Your security team flagged that using a public Helm repository as a dependency is a risk. You want to manage all charts uniformly, with native access control and VPC Service Controls. What should you do?
Store public and private charts in OCI format by using Artifact Registry.
Store public and private charts by using GitHub Enterprise with Google Workspace as the identity provider.
Store public and private charts by using Git repository. Configure Cloud Build to synchronize contents of the repository into a Cloud Storage bucket. Connect Helm to the bucket by using https://[bucket].storage-googleapis.com/[helmchart] as the Helm repository.
Configure a Helm chart repository server to run in Google Kubernetes Engine (GKE) with Cloud Storage bucket as the storage backend.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: A
Answer should be A https://cloud.google.com/artifact-registry/docs/helm
👍 5nhiguchi2023/10/21 A is answer.
👍 1mshafa2023/11/02- 正解だと思う選択肢: A
To address security concerns and maintain consistent access controls for Helm charts, it's recommended to store both public and private charts in the Open Container Initiative (OCI) format using Google Cloud's Artifact Registry, as suggested in (Option A).
Artifact Registry provides a centralized, secure repository for Helm charts with native access control features and integration capabilities with VPC Service Controls. Storing charts in OCI format ensures a standardized approach to packaging, and Artifact Registry offers a robust solution for organizing and securing container artifacts. This approach improves security by centralizing both public and private charts, aligning with best practices for Helm chart management in containerized applications.
👍 1xhilmi2023/12/06
シャッフルモード