Ultimate access to all questions.
Upgrade Now 🚀
Sign in to unlock AI tutor
You are deploying cloud infrastructure using a CI/CD system hosted on a Compute Engine instance. How can you minimize the risk of the CI/CD system's credentials being stolen?
A
Create a dedicated Cloud Identity user account for the cluster. Use a strong self-hosted vault solution to store the user's temporary credentials.
B
Create a dedicated Cloud Identity user account for the cluster. Enable the constraints/iam.disableServiceAccountCreation organization policy at the project level.
C
Create a custom service account for the cluster. Enable the constraints/iam.disableServiceAccountKeyCreation organization policy at the project level
D
Create a custom service account for the cluster. Enable the constraints/iam.allowServiceAccountCredentialLifetimeExtension organization policy at the project level.
