Topic 1 Question 257
You are running code in Google Kubernetes Engine (GKE) containers in Google Cloud that require access to objects stored in a Cloud Storage bucket. You need to securely grant the Pods access to the bucket while minimizing management overhead. What should you do?
Create a service account. Grant bucket access to the Pods by using Workload Identity Federation for GKE.
Create a service account with keys. Store the keys in Secret Manager with a 30-day rotation schedule. Reference the keys in the Pods.
Create a service account with keys. Store the keys as a Kubernetes secret. Reference the keys in the Pods.
Create a service account with keys. Store the keys in Secret Manager. Reference the keys in the Pods.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: A
I think it's A.
👍 1yokoyan2024/09/05 - 正解だと思う選択肢: A
It's A i thikn
👍 11e225222024/09/08 - 正解だと思う選択肢: A
A: Workload Identity Federation for GKE is the recommended way for your workloads running on Google Kubernetes Engine (GKE) to access Google Cloud services in a secure and manageable way. https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity
👍 1jmaquino2024/11/11
シャッフルモード