Answer-first summary for fast verification
Answer: Create a new namespace in the existing cluster. Using Kubernetes role-based access control (RBAC), grant the Admin role on the new namespace to the other team.
The correct approach involves using Kubernetes RBAC to grant the other team the necessary permissions within a specific namespace without affecting the existing application. Creating a new namespace and assigning the Admin role via RBAC ensures the other team can deploy their integration in their designated namespace without the ability to modify the existing application in other namespaces. This method provides the precise level of access needed without resorting to broader IAM roles that could compromise the security of the existing application.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can you allow a different team to deploy their integration on your Google Kubernetes Engine (GKE) cluster while preventing them from making changes to your existing application?
A
Using Identity and Access Management (IAM), grant the Viewer IAM role on the cluster project to the other team.
B
Create a new GKE cluster. Using Identity and Access Management (IAM), grant the Editor role on the cluster project to the other team.
C
Create a new namespace in the existing cluster. Using Identity and Access Management (IAM), grant the Editor role on the cluster project to the other team.
D
Create a new namespace in the existing cluster. Using Kubernetes role-based access control (RBAC), grant the Admin role on the new namespace to the other team.
No comments yet.