PROFESSIONAL-CLOUD-DEVELOPER · Question #143
PROFESSIONAL-CLOUD-DEVELOPER Question #143: Real Exam Question with Answer & Explanation
The correct answer is C: Create a service account with the Cloud Functions Invoker role. Use that service account to. https://cloud.google.com/functions/docs/securing#authentication https://cloud.google.com/functions/docs/reference/iam/roles#cloud-functions-roles
Question
Your team develops services that run on Google Cloud. You need to build a data processing service and will use Cloud Functions. The data to be processed by the function is sensitive. You need to ensure that invocations can only happen from authorized services and follow Google- recommended best practices for securing functions. What should you do?
Options
- AEnable Identity-Aware Proxy in your project. Secure function access using its permissions.
- BCreate a service account with the Cloud Functions Viewer role. Use that service account to
- CCreate a service account with the Cloud Functions Invoker role. Use that service account to
- DCreate an OAuth 2.0 client ID for your calling service in the same project as the function you want
Explanation
https://cloud.google.com/functions/docs/securing#authentication https://cloud.google.com/functions/docs/reference/iam/roles#cloud-functions-roles
Topics
Community Discussion
No community discussion yet for this question.