Google Cloud Professional Cloud Architect — Question 227

Your organization uses Google Kubernetes Engine (GKE) and Amazon Elastic Kubernetes Service (EKS) to manage a complex Kubernetes environment across multiple cloud providers. You need to deploy a solution that streamlines configuration management, enforces security policies, and ensures consistent application deployment across all of the environments. You want to follow Google-recommended practices. What should you do?

Answer options

• A. Leverage Argo CD for GitOps-based continuous delivery and Open Policy Agent (OPA) for policy enforcement, and develop a controller for multi-cluster configuration management.
• B. Deploy Crossplane for managing cloud resources as Kubernetes objects, FluxCD for GitOps-based configuration synchronization, and Kyverno for policy enforcement.
• C. Deploy Kustomize for configuration customization, Config Sync with multiple Git repositories, and a script to enforce security policies.
• D. Utilize Config Sync as part of GKE to synchronize configurations from a centralized repository, and utilize Policy Controller to enforce policies using OPA Gatekeeper.

Correct answer: D

Explanation

The correct answer is D because utilizing Config Sync with GKE allows for centralized configuration management, which is essential for consistency across environments. Policy Controller leveraging OPA Gatekeeper ensures that security policies are enforced effectively. The other options, while they include valid tools, do not align as closely with Google-recommended practices for GKE.