exam questions

Exam AZ-305 All Questions

View all questions & answers for the AZ-305 exam

Exam AZ-305 topic 4 question 113 discussion

Actual exam question from Microsoft's AZ-305
Question #: 113
Topic #: 4
[All AZ-305 Questions]

You have an Azure subscription that contains an Azure Kubernetes Service (AKS) instance named AKS1. AKS1 hosts microservice-based APIs that are configured to listen on non-default HTTP ports.

You plan to deploy a Standard tier Azure API Management instance named APIM1 that will make the APIs available to external users.

You need to ensure that the AKS1 APIs are accessible to APIM1. The solution must meet the following requirements:

• Implement MTLS authentication between APIM1 and AKS1.
• Minimize development effort.
• Minimize costs.

What should you do?

  • A. Implement an external load balancer on AKS1.
  • B. Redeploy APIM1 to the virtual network that contains AKS1.
  • C. Implement an ExternalName service on AKS1.
  • D. Deploy an ingress controller to AKS1.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
OrangeSG
Highly Voted 1 year, 1 month ago
Selected Answer: D
Mutual TLS (mTLS) authentication is natively supported by Azure API Management and can be enabled in Kubernetes by installing an Ingress Controller. This approach simplifies the microservices as the authentication will be performed in the Ingress Controller. This solution also meets the requirements of implementing mTLS authentication between APIM1 and AKS1, minimizing development effort, and minimizing costs. Please note that while deploying an ingress controller to AKS1, you should ensure that it supports mTLS. Examples of enterprise-level ingress controllers that support mTLS include NGINX and AGIC1. https://learn.microsoft.com/en-us/azure/api-management/api-management-kubernetes
upvoted 7 times
...
SeMo0o0o0o
Most Recent 2 weeks, 6 days ago
Selected Answer: D
D is correct
upvoted 1 times
...
Angurajesh
5 months, 3 weeks ago
mTLS between APIM1 and AKS1 while minimizing development effort and costs-->Deploy an ingress controller to AKS1. This approach ensures secure communication between APIM1 and AKS1 while meeting the specified requirements
upvoted 1 times
...
Lazylinux
7 months, 2 weeks ago
Selected Answer: D
Given answer D is correct , as note is that Ingress Controller is part of App GWY L7 Load Balancer The Application Gateway Ingress Controller (AGIC) is a Kubernetes application, which makes it possible for Azure Kubernetes Service (AKS) customers to leverage Azure's native Application Gateway L7 load-balancer to expose cloud software to the Internet. AGIC monitors the Kubernetes cluster it's hosted on and continuously updates an Application Gateway, so that selected services are exposed to the Internet. https://learn.microsoft.com/en-us/azure/application-gateway/ingress-controller-overview
upvoted 1 times
...
a03
1 year ago
Ingress controller is correct answer. There is picture describing the architecture (API Management > Ingress Controller > AKS cluster): https://learn.microsoft.com/en-us/azure/architecture/solution-ideas/articles/mutual-tls-deploy-aks-api-management
upvoted 4 times
...
babakeyfgir
1 year ago
it was a exam Question
upvoted 3 times
...
KakashiCopyNinja
1 year, 1 month ago
Selected Answer: D
D https://learn.microsoft.com/en-us/azure/api-management/api-management-kubernetes
upvoted 4 times
...
KakashiCopyNinja
1 year, 1 month ago
D is correct. https://learn.microsoft.com/en-us/azure/api-management/api-management-kubernetes#option-2-install-an-ingress-controller
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago