Answer-first summary for fast verification
Answer: Create three distinct Projects, deploying a GKE cluster in each to separate the environments.
Options A, B, and C do not align with GCP's best practices for managing IAM permissions, as these permissions cannot be effectively managed at the VPC or subnet level. While using namespaces within a GKE cluster for environment separation is technically feasible, it does not represent the optimal approach for segregating environments. Option D is the correct choice, as it adheres to GCP's best practices by leveraging Projects for environment separation and IAM policy management. For further details, refer to GCP's documentation on best practices for enterprise organizations at: https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#project-structure
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
As a DevOps engineer in a rapidly expanding analytics company, you're tasked with migrating docker applications from on-premises Virtual Machines to Google Kubernetes Engine (GKE). The company operates in three distinct environments: development, staging, and production. A critical requirement is the separation of these environments to facilitate access restriction via IAM policies. According to Google Cloud Platform's (GCP) best practices, which of the following strategies would best meet this requirement?
A
Establish a single VPC within a Project, dividing it into three subnets, and deploy a GKE cluster in each subnet for the respective environments.
B
Set up three separate VPCs within a single Project, each containing one subnet, and deploy a GKE cluster in each VPC for the different environments.
C
Deploy a single GKE cluster and utilize three namespaces within it to segregate the different environments.
D
Create three distinct Projects, deploying a GKE cluster in each to separate the environments.