Topic 1 Question 215
You have an application written in Python running in production on Cloud Run. Your application needs to read/write data stored in a Cloud Storage bucket in the same project. You want to grant access to your application following the principle of least privilege. What should you do?
Create a user-managed service account with a custom Identity and Access Management (IAM) role.
Create a user-managed service account with the Storage Admin Identity and Access Management (IAM) role.
Create a user-managed service account with the Project Editor Identity and Access Management (IAM) role.
Use the default service account linked to the Cloud Run revision in production.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: A
A is the answer.
👍 2zellck2022/12/10 - 正解だと思う選択肢: A
Answer is A The others give too many acess
👍 2telp2023/01/11 - 正解だと思う選択肢: A
A - assign the needed permissions, following the least privilege rule
Not B - https://cloud.google.com/iam/docs/understanding-roles#storage.admin C and D gives too many access
👍 1gardislan182022/12/04
シャッフルモード