Answer-first summary for fast verification
Answer: Set metadata to enable-oslogin=true for the instance. Grant the dev1 group the compute.osLogin role. Direct them to use the Cloud Shell to ssh to that instance.
Option A is correct because setting the metadata to enable-oslogin=true for the instance and granting the dev1 group the compute.osLogin role ensures that only the users in the dev1 group can access the specific instance. OS Login integrates with IAM, allowing for more secure and manageable access control compared to traditional SSH key management. Enabling OS Login at the instance level ensures the dev1 group can only access that particular instance and not any others in the project.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
To establish an SSH connection for users in the dev1 group to a single Compute Engine instance within your Google Cloud Platform project, ensuring that this instance is the only resource they can access, what steps should you take?
A
Set metadata to enable-oslogin=true for the instance. Grant the dev1 group the compute.osLogin role. Direct them to use the Cloud Shell to ssh to that instance.
B
Set metadata to enable-oslogin=true for the instance. Set the service account to no service account for that instance. Direct them to use the Cloud Shell to ssh to that instance.
C
Enable block project wide keys for the instance. Generate an SSH key for each user in the dev1 group. Distribute the keys to dev1 users and direct them to use their third-party tools to connect.
D
Enable block project wide keys for the instance. Generate an SSH key and associate the key with that instance. Distribute the key to dev1 users and direct them to use their third-party tools to connect.