You are developing a microservice-based application for deployment on Google Kubernetes Engine (GKE). The application requires read/write access to a Cloud Spanner database. Following security best practices while minimizing code changes, how should you configure your application to obtain Spanner credentials?

Exam-Like

Configure the appropriate service accounts, and use Workload Identity to run the pods.

47.8%

Store the application credentials as Kubernetes Secrets, and expose them as environment variables.

14.9%

Configure the appropriate routing rules, and use a VPC-native cluster to directly connect to the database.

16.4%

Store the application credentials using Cloud Key Management Service, and retrieve them whenever a database connection is made.

20.9%

Google Professional Cloud Developer