Your team is developing a serverless web application on Cloud Run that requires access to images stored in a private Cloud Storage bucket. You need to grant the application IAM permissions to access the bucket's images while following Google's recommended security best practices. What steps should you take?

Exam-Like

Enforce signed URLs for the desired bucket. Grant the Storage Object Viewer IAM role on the bucket to the Compute Engine default service account.

21.7%

Enforce public access prevention for the desired bucket. Grant the Storage Object Viewer IAM role on the bucket to the Compute Engine default service account.

0.0%

Enforce signed URLs for the desired bucket. Create and update the Cloud Run service to use a user-managed service account. Grant the Storage Object Viewer IAM role on the bucket to the service account.

26.1%

Enforce public access prevention for the desired bucket. Create and update the Cloud Run service to use a user-managed service account. Grant the Storage Object Viewer IAM role on the bucket to the service account.

52.2%

Google Professional Cloud Developer

Get started today

Comments