Answer-first summary for fast verification
Answer: Store the database password inside a Secret object. Modify the YAML file to populate the DB_PASSWORD environment variable from the Secret.
The correct answer is **C** because Google Kubernetes Engine supports Secrets to store sensitive data such as database passwords, which is a Google-recommended practice. Secrets are secure objects that store sensitive data in your clusters, offering more security than plaintext ConfigMaps or Pod specifications. This method gives you control over how sensitive data is used and reduces the risk of exposing the data to unauthorized users. Options A, B, and D are incorrect as they do not provide the same level of security and are not recommended as best practices.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You’ve deployed a microservice called myapp1 to a Google Kubernetes Engine cluster using the YAML file specified below. The configuration includes a database password stored in plain text. How can you refactor this configuration to securely store the database password following Google-recommended practices?
A
Store the database password inside the Docker image of the container, not in the YAML file.
B
Store the database password inside a ConfigMap object. Modify the YAML file to populate the DB_PASSWORD environment variable from the ConfigMap.
C
Store the database password inside a Secret object. Modify the YAML file to populate the DB_PASSWORD environment variable from the Secret.
D
Store the database password in a file inside a Kubernetes persistent volume, and use a persistent volume claim to mount the volume to the container.
No comments yet.