Answer-first summary for fast verification
Answer: Containerize the application, and deploy it as a Cloud Run service., Configure Identity Aware Proxy, and grant the roles/iap.httpsResourceAccessor IAM role to the users that need to access the application.
The question requires setting up authentication with minimal infrastructure management using cloud-native features. Option B (Cloud Run) is correct as it is serverless, auto-scales, and reduces management effort. Option D (IAP with roles/iap.httpsResourceAccessor) is correct because IAP integrates with Google Workspace identities for authentication, and the HTTPS role grants access to web apps. Options A and C involve manual infrastructure or custom auth, which are less ideal. Option E's tunnel role is for SSH/TCP, not web apps.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are building a scalable web application for internal users in an organization that uses Google Workspace. You need to configure authentication for the application and deploy it on Google Cloud while leveraging cloud-native features and minimizing infrastructure management overhead. What are two recommended approaches?
A
Create a Compute Engine VM, configure a web server, and deploy the application in a VPC.
B
Containerize the application, and deploy it as a Cloud Run service.
C
Configure Cloud SQL database with a table containing the users and password hashes. Add an authentication screen to ensure that only internal users can access the application.
D
Configure Identity Aware Proxy, and grant the roles/iap.httpsResourceAccessor IAM role to the users that need to access the application.
E
Configure Identity Aware Proxy, and grant the roles/iap.tunnelResourceAccessor IAM role to the users that need to access the application.
No comments yet.