Google Exam Professional-Cloud-DevOps-Engineer Topic 5 Question 57 Discussion

Actual exam question for Google's Professional Cloud DevOps Engineer exam

Question #: 57
Topic #: 5

[All Professional Cloud DevOps Engineer Questions]

Your company is using HTTPS requests to trigger a public Cloud Run-hosted service accessible at the https://booking-engine-abcdef .a.run.app URL You need to give developers the ability to test the latest revisions of the service before the service is exposed to customers What should you do?

ARunthegcioud run deploy booking-engine ---no-traffic ----ag dev command Use the https://dev----booking-engine-abcdef. a. run. app URL for testing

BRunthegcioud run services update-traffic booking-engine ---to-revisions LATEST*! command Use the ht tps: //booking-engine-abcdef. a. run. ape URL for testing

CPass the curl -K 'Authorization: Hearer S(gclcud auth print-identity-token)' auth token Use the https: / /booking-engine-abcdef. a. run. app URL to test privately

DGrant the roles/run. invoker role to the developers testing the booking-engine service Use the https: //booking-engine-abcdef. private. run. app URL for testing

Show Suggested Answer

Suggested Answer: B

The best option for securing the CI/CD deployment pipeline is to configure vulnerability analysis with Artifact Registry and Binary Authorization. Vulnerability analysis is a feature that allows you to scan container images for known vulnerabilities and security issues. You can use vulnerability analysis with Artifact Registry, which is a service that allows you to store and manage container images and other artifacts. By using vulnerability analysis with Artifact Registry, you can ensure that your container images are scanned for vulnerabilities before they are deployed. Binary Authorization is a feature that allows you to enforce signature-based validation when deploying container images. You can use Binary Authorization with Cloud Build, which is a service that allows you to build and deploy container images. By using Binary Authorization with Cloud Build, you can ensure that only authorized and verified container images are deployed to your environment.

by Linn at Nov 22, 2023, 07:23 AM

Limited Time Offer

25%

Off

Get Premium Professional-Cloud-DevOps-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Annamae

10 days ago

Hmm, I'm not sure about option C. Passing an auth token to test the service privately feels a bit clunky. And option D, using a private URL, might be too restrictive for the developers.

upvoted 0 times

...

Yun

11 days ago

Yeah, that's a good point. Option B looks more promising - updating the traffic to use the latest revision. That way, everyone can test the latest version without disrupting the main service.

upvoted 0 times

...

Dawne

12 days ago

Okay, let's start with option A. Deploying the service with no traffic seems like it could work, but I'm not sure if the dev URL would be accessible to everyone who needs to test it.

upvoted 0 times

...

Evette

13 days ago

This is a tricky question, I'm not sure which answer is the best. Let's go through each option and see if we can figure it out.

upvoted 0 times

...