Topic 1 Question 155
You are deploying a Cloud Build job that deploys Terraform code when a Git branch is updated. While testing, you noticed that the job fails. You see the following error in the build logs:
Initializing the backend...
Error: Failed to get existing workspaces: querying Cloud Storage failed: googleapi: Error 403
You need to resolve the issue by following Google-recommended practices. What should you do?
Change the Terraform code to use local state.
Create a storage bucket with the name specified in the Terraform configuration.
Grant the roles/owner Identity and Access Management (IAM) role to the Cloud Build service account on the project.
Grant the roles/storage.objectAdmin Identity and Access Management (1AM) role to the Cloud Build service account on the state file bucket.
ユーザの投票
コメント(6)
Answer D seems to be correct.
👍 3activist2023/10/21- 正解だと思う選択肢: D
Think it's D since the 403 error occurred while the tf actions queries state file in bucket, you only need the object admin permission(state file ).
Storage Object Admin (roles/storage.objectAdmin) Grants full control over objects, including listing, creating, viewing, and deleting objects, as well as setting object ACLs. Also grants access to create, delete, get, and list managed folders.
👍 1lelele20232023/11/01 - 👍 1activist2023/11/02
シャッフルモード