Topic 1 Question 247
You run a web application on top of Cloud Run that is exposed to the internet with an Application Load Balancer. You want to ensure that only privileged users from your organization can access the application. The proposed solution must support browser access with single sign-on. What should you do?
Change Cloud Run configuration to require authentication. Assign the role of Cloud Run Invoker to the group of privileged users.
Create a group of privileged users in Cloud Identity. Assign the role of Cloud Run User to the group directly on the Cloud Run service.
Change the Ingress Control configuration of Cloud Run to internal and create firewall rules to allow only access from known IP addresses.
Activate Identity-Aware Proxy (IAP) on the Application Load Balancer backend. Assign the role of IAP-secured Web App User to the group of privileged users.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: D
The correct answer is D. Activate Identity-Aware Proxy (IAP) on the Application Load Balancer backend. Assign the role of IAP-secured Web App User to the group of privileged users.
Here's why:
IAP for Authentication and Authorization: IAP provides a centralized way to control access to your Cloud Run service, ensuring that only authenticated users can reach it. It integrates seamlessly with Cloud Identity for user management and supports single sign-on (SSO) for a smooth user experience. Role-Based Access Control: By assigning the IAP-secured Web App User role to the group of privileged users, you can precisely control who has access to the application.
👍 2Mr_MIXER0072024/09/09 - 正解だと思う選択肢: D
I think it's D.
👍 1yokoyan2024/09/05 - 正解だと思う選択肢: D
should be D
👍 11e225222024/09/08
シャッフルモード