When deploying an application to a Compute Engine instance that needs to access Cloud Storage and Bigtable, how can you ensure the application follows the principle of least privilege for authentication?

Real Exam

A

Register the application with the Binary Registration Service and apply the required roles.

0.0%

B

Use the default Compute Engine service account and set its scopes. Let the code find the default service account using Application Default Credentials.

16.7%

C

Create a new service account and key with the required limited permissions. Set the instance to use the new service account. Edit the code to use the service account key.

66.7%

D

Create a new user account with the required roles. Store the credentials in Cloud Key Management Service and download them to the instance in code.

16.7%

Powered ByGPT-5.2

Google Associate Cloud Engineer

Get started today

Comments

When deploying an application to a Compute Engine instance that needs to access Cloud Storage and Bigtable, how can you ensure the application follows the principle of least privilege for authentication?