Ultimate access to all questions.
Upgrade Now 🚀
Sign in to unlock AI tutor
When deploying an application to a Compute Engine instance that needs to access Cloud Storage and Bigtable, how can you ensure the application follows the principle of least privilege for authentication?
A
Register the application with the Binary Registration Service and apply the required roles.
B
Use the default Compute Engine service account and set its scopes. Let the code find the default service account using Application Default Credentials.
C
Create a new service account and key with the required limited permissions. Set the instance to use the new service account. Edit the code to use the service account key.
D
Create a new user account with the required roles. Store the credentials in Cloud Key Management Service and download them to the instance in code.
