VMware vRealize Automation 8.x (VCP-CMA 2021) — Question 17

Which step must be taken to enable Kubernetes auditing on a Tanzu Kubernetes cluster?

Answer options

• A. Set the ENABLE_AUDIT_LOGGING variable to 'true' before deploying the cluster
• B. Run systemctl start auditd && systemctl enable auditd on master node
• C. Audit is enabled by default on every Tanzu cluster
• D. Edit /etc/kubernetes/audit-policy.yaml and set ENABLE_AUDIT variable to '1' on master node

Correct answer: A

Explanation

The correct answer is A because enabling Kubernetes auditing requires explicitly setting the ENABLE_AUDIT_LOGGING variable to 'true' prior to the cluster deployment. Option B is incorrect as it pertains to starting the audit daemon rather than configuring Kubernetes auditing. Option C is false since auditing is not enabled by default in all Tanzu clusters, and option D is incorrect as it refers to a different configuration variable that does not enable auditing.