PROFESSIONAL-CLOUD-DEVOPS-ENGINEER · Question #76
PROFESSIONAL-CLOUD-DEVOPS-ENGINEER Question #76: Real Exam Question with Answer & Explanation
The correct answer is A: Store public and private charts in OCI format by using Artifact Registry.. Artifact Registry supports storing Helm charts in OCI (Open Container Initiative) format, which works for both public and private charts. It provides native IAM-based access control for granular permissions and fully supports VPC Service Controls to restrict access to specific VP
Question
Your organization is using Helm to package containerized applications. Your applications reference both public and private charts. Your security team flagged that using a public Helm repository as a dependency is a risk. You want to manage all charts uniformly, with native access control and VPC Service Controls. What should you do?
Options
- AStore public and private charts in OCI format by using Artifact Registry.
- BStore public and private charts by using GitHub Enterprise with Google Workspace as the identity
- CStore public and private charts by using Git repository. Configure Cloud Build to synchronize
- DConfigure a Helm chart repository server to run in Google Kubernetes Engine (GKE) with Cloud
Explanation
Artifact Registry supports storing Helm charts in OCI (Open Container Initiative) format, which works for both public and private charts. It provides native IAM-based access control for granular permissions and fully supports VPC Service Controls to restrict access to specific VPC networks. This satisfies the security team's requirements for uniform management with native access control. GitHub Enterprise (B) and Git repos (C) do not natively support VPC Service Controls. Running a self-hosted Helm server on GKE (D) adds significant operational overhead.
Topics
Community Discussion
No community discussion yet for this question.