Answer-first summary for fast verification
Answer: Grant the necessary IAM permissions to the Compute Engine VM's service account for accessing Google services.
Option A is correct because attaching service accounts to resources like Compute Engine is both convenient and secure, aligning with Google's recommended practices. This approach minimizes changes by leveraging the VM's existing service account with the necessary IAM permissions. Option B is incorrect as it introduces unnecessary complexity by creating a new service account. Options C and D are incorrect due to the security risks associated with storing credentials in configuration files. Service account credentials should be managed securely, not deployed with applications, and user account credentials are unsuitable for application authentication on VM instances.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are developing an API in Python that utilizes several Google Cloud Services through Application Default credentials. After successful local testing, your next step is deploying the API on a Compute Engine Instance. What is the Google-recommended method for setting up authentication with minimal changes?
A
Grant the necessary IAM permissions to the Compute Engine VM's service account for accessing Google services.
B
Create a new service account with appropriate IAM permissions and configure the application to use this account.
C
Generate a configuration file with Service account credentials and deploy it alongside your application.
D
Generate a configuration file with User account credentials and deploy it alongside your application.
No comments yet.