Answer-first summary for fast verification
Answer: Configure an organization policy to require Binary Authorization enforcement on images deployed to Cloud Run.
Option A is the correct answer because it directly addresses the requirement to enforce Binary Authorization on Cloud Run deployments using Google Cloud's native organization policy capability. This approach provides centralized enforcement at the organization level, ensuring all new Cloud Run jobs and services comply with the mandate without relying on individual developer actions. Option B is incorrect because Security Health Analytics is a monitoring and detection tool, not an enforcement mechanism. Option C is insufficient as it only limits role assignments but doesn't enforce Binary Authorization. Option D is not a valid approach since Binary Authorization policies don't have an 'auto-attach' feature for Cloud Run; the enforcement must be configured at the organization or project level.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You need to enforce a mandate requiring all new Cloud Run jobs and services in production to have Binary Authorization enabled. What should you do?
A
Configure an organization policy to require Binary Authorization enforcement on images deployed to Cloud Run.
B
Configure a Security Health Analytics (SHA) custom rule that prevents the execution of Cloud Run jobs and services without Binary Authorization.
C
Ensure the Cloud Run admin role is not assigned to developers.
D
Configure a Binary Authorization custom policy that is not editable by developers and auto-attaches to all Cloud Run jobs and services.
No comments yet.