ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Associate Cloud Engineer All Questions

View all questions & answers for the Associate Cloud Engineer exam
Go to Exam

Exam Associate Cloud Engineer topic 1 question 284 discussion

Actual exam question from Google's Associate Cloud Engineer
Question #: 284
Topic #: 1
[All Associate Cloud Engineer Questions]

You are developing an application that will be deployed on Google Cloud. The application will use a service account to retrieve data from BigQuery. Before you deploy your application, you want to test the permissions of this service account from your local machine to ensure there will be no authentication issues. You want to ensure that you use the most secure method while following Google-recommended practices. What should you do?

  • A. Generate a service account key, and configure the gcloud CLI to use this key. Issue a relevant BigQuery request through the gdoud CLI to test the access.
  • B. Grant the service account the BigQuery Administrator IAM role to ensure the service account has all required access.
  • C. Configure the gcloud CLI to use service account impersonation. Issue a relevant BigQuery request through the gcloud CLI to test the access.
  • D. Configure the gcloud CLI with Application Default Credentials using your user account. Issue a relevant BigQuery request through the gcloud CLI to test the access.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Esteban08 at Feb. 28, 2025, 1:14 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Mika_Ro
1 month, 2 weeks ago
Selected Answer: C
C is the best way to securely test the permissions of the service account from your local machine
upvoted 1 times
...
Esteban08
1 month, 3 weeks ago
Selected Answer: C
Google-recommended practices advise against distributing or storing long-lived service account keys because they can be a security risk. Instead, service account impersonation allows you to use your own credentials to "borrow" the identity of the service account without needing to download a key file. This method is more secure.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago