In designing a Kubernetes deployment using GKE that requires secure access to a Google Cloud SQL instance, what is the recommended method for secure communication?
Choose an answer
Tap an option to check your answer.
Correct answer: Use Private IP and VPC-native clusters..
Why this is the answer
*For securely connecting a Kubernetes deployment on GKE to a Google Cloud SQL instance, the recommended method is to use Private IP and VPC-native clusters. This approach ensures secure, private communication between GKE and Cloud SQL. VPC-native clusters in GKE provide enhanced network performance and security by using alias IP ranges, which allows GKE to have native access to VPC network features. The use of Private IP for the Cloud SQL instance ensures that the database is not exposed to the public internet, reducing the risk of unauthorized access. This setup provides a secure and efficient networking solution for GKE deployments that need to interact with Cloud SQL. Alternative methods, such as using public IPs or Cloud Endpoints, may expose the database to additional security risks, while approaches like Istio service mesh or VPNs can introduce unnecessary complexity for this specific use case.*
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed