Answer: Create a Development and a Production GKE cluster in separate projects. In each cluster, create a Kubernetes namespace per team, and then configure Kubernetes Role-based access control (RBAC) so that each team can only access its own namespace.

The goal is to minimize costs while ensuring teams cannot access each other's environments. Option D is the most cost-effective and secure solution because it uses only two clusters (one for development and one for production) across separate projects, reducing cluster overhead costs compared to options A and B (which require multiple clusters per team). Kubernetes RBAC is the standard and efficient method to enforce namespace-level isolation within a cluster, ensuring teams can only access their assigned namespaces. Option C incorrectly suggests using Identity Aware Proxy (IAP), which is designed for application-level access (e.g., HTTP/S) and not suitable for Kubernetes namespace isolation. Options A and B are more expensive due to the higher number of clusters and do not inherently isolate namespaces without additional RBAC setup, which is explicitly addressed in D.

Author: LeetQuiz Editorial Team