Answer-first summary for fast verification
Answer: The service account key has been rotated but not updated on the application server.
The 403 Permission Denied error code suggests an authentication or authorization issue. Given the scenario, the most plausible cause is that the service account key has been rotated but not updated on the application server, leading to authentication failures. This directly results in the application being unable to access the Cloud Storage bucket, hence the 403 error. Other options do not directly relate to the symptoms described: - **Option A** would likely result in a 404 Not Found error if the paths or structure changed. - **Option B** is unlikely because predefined roles' permissions are immutable; changes to role assignments would not be described as changes to the role's permissions. - **Option D** would cause connectivity issues, not a permission denied error.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
An on-premises application authenticates to the Cloud Storage API using a user-managed service account with a user-managed key. The application connects to Cloud Storage via Private Google Access over a Dedicated Interconnect link. Requests to access objects in the bucket fail with a 403 Permission Denied error. What is the most probable cause of this issue?
A
The folder structure inside the bucket and object paths have changed.
B
The permissions of the service account’s predefined role have changed.
C
The service account key has been rotated but not updated on the application server.
D
The Interconnect link from the on-premises data center to Google Cloud is experiencing a temporary outage.
No comments yet.