Answer-first summary for fast verification
Answer: Deploy a namespace per tenant and use Network Policies in each blog deployment.
To configure a secure multi-tenant platform on GKE where each customer can only access their own blog without affecting others, deploying a namespace per tenant and using Network Policies in each blog deployment is the most effective approach. This method provides both logical separation of resources and network isolation. - **Option A** (Enable Application-layer Secrets) is incorrect because it focuses on protecting secrets rather than isolating tenants. - **Option C** (Use GKE Audit Logging) is incorrect as it is a reactive measure for identifying malicious activities, not a proactive isolation strategy. - **Option D** (Build a custom image and use Binary Authorization) is incorrect because it ensures the integrity of images but does not provide tenant isolation.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can you configure a secure multi-tenant platform in Google Kubernetes Engine (GKE) to ensure each customer using your dedicated blogging software can only access their own blog without impacting other customers' workloads?
A
Enable Application-layer Secrets on the GKE cluster to protect the cluster.
B
Deploy a namespace per tenant and use Network Policies in each blog deployment.
C
Use GKE Audit Logging to identify malicious containers and delete them on discovery.
D
Build a custom image of the blogging software and use Binary Authorization to prevent untrusted image deployments.
No comments yet.