PROFESSIONAL-CLOUD-DEVELOPER · Question #200
PROFESSIONAL-CLOUD-DEVELOPER Question #200: Real Exam Question with Answer & Explanation
The correct answer is B: Deploy from a source code repository and grant users the roles/cloudfunctions.invoker role. Have the user account you are using to access Cloud Functions assigned a role that contains the cloudfunctions.functions.invoke permission. By default, the Cloud Functions Admin and Cloud Functions Developer roles have this permission. See Cloud Functions IAM Roles for the full l
Question
You are developing an application that will handle requests from end users. You need to secure a Cloud Function called by the application to allow authorized end users to authenticate to the function via the application while restricting access to unauthorized users. You will integrate Google Sign-In as part of the solution and want to follow Google-recommended best practices. What should you do?
Options
- ADeploy from a source code repository and grant users the roles/cloudfunctions.viewer role.
- BDeploy from a source code repository and grant users the roles/cloudfunctions.invoker role
- CDeploy from your local machine using gcloud and grant users the roles/cloudfunctions.admin role
- DDeploy from your local machine using gcloud and grant users the roles/cloudfunctions.developer
Explanation
Have the user account you are using to access Cloud Functions assigned a role that contains the cloudfunctions.functions.invoke permission. By default, the Cloud Functions Admin and Cloud Functions Developer roles have this permission. See Cloud Functions IAM Roles for the full list of roles and their associated permissions.
Topics
Community Discussion
No community discussion yet for this question.