To securely authenticate your application's VMs to Google Cloud services like Cloud Pub/Sub for processing sensitive transaction data, what is the recommended approach by Google?

Real Exam

Encrypt an OAuth2 access token for Cloud Pub/Sub and store it in Cloud Storage for VM access.

7.1%

Implement a Cloud Function as a gateway to Cloud Pub/Sub, assigning the necessary IAM roles to the Cloud Function's service account.

14.3%

Assign the appropriate Cloud Pub/Sub IAM roles to the VM service accounts.

64.3%

Use VM access scopes to grant Cloud Pub/Sub IAM roles, ensuring VM service accounts do not have direct access.

14.3%

Google Associate Cloud Engineer