Google Professional Cloud Developer

Get started today

Ultimate access to all questions.

Explanation:

To configure a secure multi-tenant platform on GKE where each customer can only access their own blog without affecting others, deploying a namespace per tenant and using Network Policies in each blog deployment is the most effective approach. This method provides both logical separation of resources and network isolation.

Option A (Enable Application-layer Secrets) is incorrect because it focuses on protecting secrets rather than isolating tenants.
Option C (Use GKE Audit Logging) is incorrect as it is a reactive measure for identifying malicious activities, not a proactive isolation strategy.
Option D (Build a custom image and use Binary Authorization) is incorrect because it ensures the integrity of images but does not provide tenant isolation.

Explanation:

Option A (Enable Application-layer Secrets) is incorrect because it focuses on protecting secrets rather than isolating tenants.
Option C (Use GKE Audit Logging) is incorrect as it is a reactive measure for identifying malicious activities, not a proactive isolation strategy.
Option D (Build a custom image and use Binary Authorization) is incorrect because it ensures the integrity of images but does not provide tenant isolation.

Comments (0)

No comments yet.

How can you configure a secure multi-tenant platform in Google Kubernetes Engine (GKE) to ensure each customer using your dedicated blogging software can only access their own blog without impacting other customers' workloads?

Exam-Like

Enable Application-layer Secrets on the GKE cluster to protect the cluster.

6.5%

Deploy a namespace per tenant and use Network Policies in each blog deployment.

80.6%

Use GKE Audit Logging to identify malicious containers and delete them on discovery.

6.5%

Build a custom image of the blogging software and use Binary Authorization to prevent untrusted image deployments.

6.5%