Google Cloud Professional Cloud Developer — Question 191

You are planning to deploy hundreds of microservices in your Google Kubernetes Engine (GKE) cluster. How should you secure communication between the microservices on GKE using a managed service?

Answer options

• A. Use global HTTP(S) Load Balancing with managed SSL certificates to protect your services
• B. Deploy open source Istio in your GKE cluster, and enable mTLS in your Service Mesh
• C. Install cert-manager on GKE to automatically renew the SSL certificates.
• D. Install Anthos Service Mesh, and enable mTLS in your Service Mesh.

Correct answer: D

Explanation

The correct answer, D, is appropriate because Anthos Service Mesh provides a managed solution for securing communication with mTLS, which is essential for microservices security. Options A and C focus on SSL certificates and load balancing but do not address the service-to-service communication security directly. Option B suggests using Istio, which is open source and not a managed service like Anthos, making it less suitable for the requirement of using a managed service.