Topic 1 Question 69
Your application requires service accounts to be authenticated to GCP products via credentials stored on its host Compute Engine virtual machine instances. You want to distribute these credentials to the host instances as securely as possible. What should you do?
Use HTTP signed URLs to securely provide access to the required resources.
Use the instance's service account Application Default Credentials to authenticate to the required resources.
Generate a P12 file from the GCP Console after the instance is deployed, and copy the credentials to the host instance before starting the application.
Commit the credential JSON file into your application's source repository, and have your CI/CD process package it with the software that is deployed to the instance.
ユーザの投票
コメント(8)
Answer is B
https://cloud.google.com/docs/authentication/production#automatically
If the environment variable GOOGLE_APPLICATION_CREDENTIALS isn't set, ADC uses the service account that is attached to the resource that is running your code.
👍 4woriheck932021/09/04"authenticated to GCP" is the key part of the qn
https://cloud.google.com/iam/docs/creating-managing-service-account-keys: "To use a service account from outside of Google Cloud, such as on other platforms or on-premises, you must first establish the identity of the service account" "You can create service account keys in JSON or PKCS#12 (P12) format. "
C is the answer
👍 2syu31svc2021/07/09- 正解だと思う選択肢: B
I think B is correct
👍 2tomato1232022/08/19
シャッフルモード