nerdexam
ExamsPROFESSIONAL-CLOUD-DEVELOPERQuestions#327
GoogleGoogle

PROFESSIONAL-CLOUD-DEVELOPER · Question #327

PROFESSIONAL-CLOUD-DEVELOPER Question #327: Real Exam Question with Answer & Explanation

The correct answer is B: Grant the custom service account the roles/cloudsql.client role. Adjust the Cloud SQL Auth Proxy. https://cloud.google.com/sql/docs/mysql/connect-auth-proxy

Implementing Security

Question

You are about to deploy an application hosted on a Compute Engine instance with Windows OS and Cloud SQL. You plan to use the Cloud SQL Auth Proxy for connectivity to the Cloud SQL instance. You plan to follow Google-recommended practices and the principle of least privilege. You have already created a custom service account. What should you do next?

Options

  • ACreate and assign a custom role with the cloudsql.instances.connect permission to the custom
  • BGrant the custom service account the roles/cloudsql.client role. Adjust the Cloud SQL Auth Proxy
  • CGrant the custom service account the roles/cloudsql.editor role.
  • DGrant the custom service account the roles/cloudsql.viewer role. Adjust the Cloud SQL Auth

Explanation

https://cloud.google.com/sql/docs/mysql/connect-auth-proxy

Topics

#IAM#Cloud SQL Auth Proxy#Service Accounts#Least Privilege

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PROFESSIONAL-CLOUD-DEVELOPER PracticeBrowse All PROFESSIONAL-CLOUD-DEVELOPER Questions