PROFESSIONAL-CLOUD-DEVELOPER · Question #176
PROFESSIONAL-CLOUD-DEVELOPER Question #176: Real Exam Question with Answer & Explanation
The correct answer is B: The permissions of the service account's predefined role have changed.. The 403 Permission Denied error code indicates that the service account is authenticated, but it doesn't have sufficient permissions to access the Cloud Storage bucket. If the error code were 401 Unauthorized, it would suggest that the authentication failed, which could be caused
Question
You have an on-premises application that authenticates to the Cloud Storage API using a user- managed service account with a user-managed key. The application connects to Cloud Storage using Private Google Access over a Dedicated Interconnect link. You discover that requests from the application to access objects in the Cloud Storage bucket are failing with a 403 Permission Denied error code. What is the likely cause of this issue?
Options
- AThe folder structure inside the bucket and object paths have changed.
- BThe permissions of the service account's predefined role have changed.
- CThe service account key has been rotated but not updated on the application server.
- DThe Interconnect link from the on-premises data center to Google Cloud is experiencing a
Explanation
The 403 Permission Denied error code indicates that the service account is authenticated, but it doesn't have sufficient permissions to access the Cloud Storage bucket. If the error code were 401 Unauthorized, it would suggest that the authentication failed, which could be caused by a rotated key, as in option C. However, in this case, the error code is 403, which indicates a problem with the permissions of the service account, making option B the most likely cause.
Topics
Community Discussion
No community discussion yet for this question.