Google Exam Professional Cloud Architect Topic 8 Question 72 Discussion

Actual exam question for Google's Professional Cloud Architect exam

Question #: 72
Topic #: 8

[All Professional Cloud Architect Questions]

Your company pushes batches of sensitive transaction data from its application server VMs to Cloud Pub/Sub for processing and storage. What is the Google-recommended way for your application to authenticate to the required Google Cloud services?

AEnsure that VM service accounts are granted the appropriate Cloud Pub/Sub IAM roles.

BEnsure that VM service accounts do not have access to Cloud Pub/Sub, and use VM access scopes to
grant the appropriate Cloud Pub/Sub IAM roles.

CGenerate an OAuth2 access token for accessing Cloud Pub/Sub, encrypt it, and store it in Cloud Storage for access from each VM.

DCreate a gateway to Cloud Pub/Sub using a Cloud Function, and grant the Cloud Function service account the appropriate Cloud Pub/Sub IAM roles.

Show Suggested Answer

Suggested Answer: B

by Paris at Nov 23, 2023, 04:12 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Architect Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lindsey

2 days ago

I'm not sure, but I think option C) Generate an OAuth2 access token and store it in Cloud Storage could also be a valid approach.

upvoted 0 times

...

Percy

3 days ago

I agree with Alica. It makes sense to grant the necessary IAM roles to the VM service accounts for authentication.

upvoted 0 times

...

Alica

4 days ago

I think the answer is A) Ensure that VM service accounts are granted the appropriate Cloud Pub/Sub IAM roles.

upvoted 0 times

...