Google Professional Cloud Security Engineer
Get started today
Ultimate access to all questions.
Your organization is implementing a new CI/CD process for deploying infrastructure and applications on Google Cloud. Multiple teams will operate their own instances of this CI/CD workflow, which will run on Google Kubernetes Engine (GKE). How should you design the CI/CD pipelines to ensure they can securely access Google Cloud APIs?
Your organization is implementing a new CI/CD process for deploying infrastructure and applications on Google Cloud. Multiple teams will operate their own instances of this CI/CD workflow, which will run on Google Kubernetes Engine (GKE). How should you design the CI/CD pipelines to ensure they can securely access Google Cloud APIs?
Exam-Like
- Create two service accounts, one for the infrastructure and one for the application deployment.
- Use workload identities to let the pods run the two pipelines and authenticate with the service accounts.
- Run the infrastructure and application pipelines in separate namespaces.
- Create a dedicated service account for the CI/CD pipelines.
- Run the deployment pipelines in a dedicated nodes pool in the GKE cluster.
- Use the service account that you created as identity for the nodes in the pool to authenticate to the Google Cloud APIs.
A
0.0%
B
Comments
Loading comments...