Answer-first summary for fast verification
Answer: Enable binary authorization on the clusters and define a policy to regulate permissible images.
**Correct Answer: B** - **Option A** is incorrect because IAM permissions manage access to services like GKE and Container Registry but do not directly control the images deployed on a cluster. - **Option B** is correct. Binary Authorization allows you to enforce policies that approve or deny image deployments based on their compliance with predefined rules. - **Option C** is incorrect as custom routes are designed for network traffic management and do not influence image deployment policies. - **Option D** is incorrect since firewall rules regulate network traffic flow and cannot restrict the images used in cluster deployments. For more information, refer to [Google Cloud Binary Authorization documentation](https://cloud.google.com/binary-authorization/docs/overview).
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
As a professional tasked with setting up an automated CI/CD pipeline for deploying applications to GKE clusters in a financial organization's production environment, how can you restrict the types and sources of container images used in deployments?
A
Implement IAM permissions to limit which container images can be deployed on the clusters.
B
Enable binary authorization on the clusters and define a policy to regulate permissible images.
C
Configure custom routes to manage traffic directed towards the clusters.
D
Apply firewall rules within the VPCs to control image deployment.
No comments yet.