You are using Container Registry to centrally store your company's container images in a separate project. In another project, you want to create a Google Kubernetes Engine (GKE) cluster. You want to ensure that Kubernetes can download images from Container Registry. What should you do?
A) In the project where the images are stored, grant the Storage Object Viewer IAM role to the service account used by the Kubernetes nodes.
B) When you create the GKE cluster, choose the Allow full access to all Cloud APIs option under 'Access scopes'. When you create the GKE cluster, choose the Allow full access to all Cloud APIs option under 'Access scopes'.
C) Create a service account, and give it access to Cloud Storage. Create a P12 key for this service account and use it as an imagePullSecrets in Kubernetes.
D) Configure the ACLs on each image in Cloud Storage to give read-only access to the default Compute Engine service account.
Correct Answer:
Verified
Q92: You deployed a new application inside your
Q93: You need to deploy an application, which
Q94: You have a project for your App
Q95: Your customer has implemented a solution that
Q96: You built an application on Google Cloud
Q98: You have a web application deployed as
Q99: You are using Google Kubernetes Engine with
Q100: Your management has asked an external auditor
Q101: Your company runs its Linux workloads on
Q102: You are the team lead of a
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents