Answer-first summary for fast verification
Answer: 1. Create a new service account and grant it the Vertex AI User role 2. Grant the Service Account User role to each team member on the service account 3. Grant the Notebook Viewer role to each team member. 4. Provision a Vertex AI Workbench user-managed notebook instance that uses the new service account
Option C is the correct answer because it follows Google Cloud security best practices for team-based access to Vertex AI Workbench. It creates a dedicated service account with the Vertex AI User role, which provides necessary permissions for Vertex AI services. Team members are granted the Service Account User role to impersonate this service account, and the Notebook Viewer role allows them to view and run notebooks without modification rights. This approach ensures proper isolation and access control. Option A is incorrect because granting only the Notebook Viewer role to the service account is insufficient for Vertex AI resource access. Option B is not recommended as it uses the default Compute Engine service account, which poses security risks. Option D is suboptimal because it relies on a single user account, which is not scalable and creates security vulnerabilities.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are collaborating with your team on a model prototype. You need to create a Vertex AI Workbench environment that is accessible to your team members but restricted from other employees in your project. What should you do?
A
B
C
D
No comments yet.