Topic 1 Question 230
For data residency requirements, you want your secrets in Google Clouds Secret Manager to only have payloads in europe-west1 and europe-west4. Your secrets must be highly available in both regions.
What should you do?
Create your secret with a user managed replication policy, and choose only compliant locations.
Create your secret with an automatic replication policy, and choose only compliant locations.
Create two secrets by using Terraform, one in europe-west1 and the other in europe-west4.
Create your secret with an automatic replication policy, and create an organizational policy to deny secret creation in non-compliant locations.
ユーザの投票
コメント(5)
- 正解だと思う選択肢: A👍 5pfilourenco2023/08/04
from ChatGPT-4: The correct answer is A. Create your secret with a user-managed replication policy, and choose only compliant locations.
In Google Cloud's Secret Manager, secrets with a user-managed replication policy are replicated only in the user-specified locations. This can be used to ensure data residency requirements are met, as the secret data (payloads) will not be stored or replicated outside of the regions selected in the policy.
The automatic replication policy option (B and D) would not work because it replicates data across all regions in Google Cloud, which may violate the data residency requirements.
Creating two secrets using Terraform (C) in different regions could work from a data residency standpoint, but it could lead to management issues as you would have two separate secrets to manage instead of one.
👍 2kapara2023/07/31ChatGPT-3.5 proposes B instead. I'll go with A https://www.youtube.com/watch?v=9KWGRSVZtFU&t=335s
👍 2alkaloid2023/08/04
シャッフルモード