Bird
0
0

Which flag must be added to the kube-apiserver manifest to enable Secrets encryption at rest using an EncryptionConfiguration file?

easy📝 Configuration Q3 of 15
Kubernetes - RBAC and Security
Which flag must be added to the kube-apiserver manifest to enable Secrets encryption at rest using an EncryptionConfiguration file?
A--encrypt-secrets-at-rest
B--enable-secret-encryption=true
C--secret-encryption-file=/etc/kubernetes/encryption.yaml
D--encryption-provider-config=/path/to/encryption-config.yaml
Step-by-Step Solution
Solution:

  1. Step 1: Identify the correct kube-apiserver flag

    The flag to specify the encryption config file is --encryption-provider-config.

  2. Step 2: Verify other options

    Other options are invalid or do not exist in kube-apiserver flags.

  3. Final Answer:

    --encryption-provider-config=/path/to/encryption-config.yaml -> Option D

  4. Quick Check:

    Flag must point to encryption config file [OK]
Quick Trick: Use --encryption-provider-config flag with config file path [OK]
Common Mistakes:
  • Using non-existent flags like --enable-secret-encryption
  • Confusing flag names
  • Not specifying the config file path

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Kubernetes Quizzes
Helm Package Manager - Adding chart repositories - Quiz 9hard Monitoring and Logging - Alerting with Prometheus Alertmanager - Quiz 8hard Operators and Custom Resources - Operator SDK basics - Quiz 4medium Operators and Custom Resources - Operator pattern overview - Quiz 3easy Operators and Custom Resources - OperatorHub for community operators - Quiz 1easy Operators and Custom Resources - OperatorHub for community operators - Quiz 5medium Production Best Practices - Why production readiness matters - Quiz 1easy Production Best Practices - Why production readiness matters - Quiz 9hard RBAC and Security - Pod security standards - Quiz 8hard RBAC and Security - Image security scanning - Quiz 7medium