Your company deals with highly sensitive financial transaction data. This data needs to be securely pushed from application server VMs to Google Cloud Pub/Sub for subsequent processing and storage. You need to ensure that the application running on these VMs can authenticate to Google Cloud services in a secure manner. What is the Google-recommended way for your application to authenticate to the required Google Cloud services?

Exam-Like

Ensure that VM service accounts are granted the appropriate Cloud Pub/Sub IAM roles.

72.9%

Ensure that VM service accounts do not have access to Cloud Pub/Sub, and use VM access scopes to grant the appropriate Cloud Pub/Sub IAM roles.

8.2%

Generate an OAuth2 access token for accessing Cloud Pub/Sub, encrypt it, and store it in Cloud Storage for access from each VM.

11.8%

Create a gateway to Cloud Pub/Sub using a Cloud Function, and grant the Cloud Function service account the appropriate Cloud Pub/Sub IAM roles.

7.1%

Google Professional Cloud Architect