How should you configure authentication for microservices running on Google Kubernetes Engine (GKE) that require access to Google Cloud APIs, adhering to Google's recommended best practices? (Select two correct approaches.)

Exam-Like

Use the service account attached to the GKE node.

12.5%

Enable Workload Identity in the cluster via the gcloud command-line tool.

40.0%

Access the Google service account keys from a secret management service.

7.5%

Store the Google service account keys in a central secret management service.

6.3%

Use gcloud to bind the Kubernetes service account and the Google service account using roles/iam.workloadIdentity.

33.8%

Google Professional Cloud Developer