Google Cloud Certified Associate Cloud Engineer Practice

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Google Cloud Certified Associate Cloud Engineer Exam with flashcards and multiple choice questions. Each question includes hints and explanations to help you study effectively. Get ready to pass your certification exam!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Your engineers need to pass database credentials to a Kubernetes Pod. What is Google's recommended best practice for working with sensitive information inside of Kubernetes?

  1. A. Store the credentials in a ConfigMap.

  2. B. Mount the credentials in a volume.

  3. C. Use an environment variable.

  4. D. Store the credentials in a Secret.

The correct answer is: D. Store the credentials in a Secret.

Secrets are Google's recommended best practice for working with sensitive information inside of Kubernetes. Secret objects can store and manage sensitive data, such as passwords, tokens, and keys, and provide access to those resources through volumes or environment variables to Kubernetes Pods. This option is preferred over ConfigMaps, volumes, or environment variables because Secrets are natively designed for storing sensitive information and offer enhanced security features such as encryption and access control. ConfigMaps are typically used for storing non-sensitive configuration data, volumes do not have encryption capabilities, and environment variables are not secure and can be exposed. Therefore, storing database credentials in a Secret would be the best practice for your engineers to safely access and use sensitive information within a Kubernetes Pod.

More Questions Like This