ExpertMedium1 markMultiple Choice
Domain 3.1: Deploying and implementing Compute Engine resourcesDomain 3Compute EnginegcloudService Accounts
GCP ACE · Question 19 · Domain 3.1: Deploying and implementing Compute Engine resources
You need to create a new Compute Engine instance using the gcloud CLI. The instance must run under a specific custom service account (app-sa@my-project.iam.gserviceaccount.com) and have access to the cloud-platform API scope.
Which gcloud command flags should you use?
You need to create a new Compute Engine instance using the gcloud CLI. The instance must run under a specific custom service account (app-sa@my-project.iam.gserviceaccount.com) and have access to the cloud-platform API scope.
Which gcloud command flags should you use?
Answer options:
A.
--service-account and --scopes
B.
--iam-account and --permissions
C.
--service-account and --roles
D.
--account and --api-access
How to approach this question
Recall the specific gcloud flags used to attach an identity and define API access levels for a Compute Engine VM.
Full Answer
A.--service-account and --scopes✓ Correct
When creating a VM with `gcloud compute instances create`, you use the `--service-account` flag to specify the email address of the service account. You use the `--scopes` flag to specify the OAuth2 scopes (like `https://www.googleapis.com/auth/cloud-platform`) that determine which GCP APIs the VM can call.
Common mistakes
Confusing IAM roles with API scopes. While best practice is to rely on IAM roles, the VM configuration specifically requires setting 'scopes'.
Practice the full GCP Associate Cloud Engineer Practice Exam 5
50 questions · hints · full answers · grading
More questions from this exam
Q01You are starting a new initiative and need to create a new Google Cloud project using the command...EasyQ02A developer on your team needs to manage App Engine applications, including deploying new version...MediumQ03You have created a new Google Cloud project. You need to allow a specific group of developers to ...MediumQ04Which statement best describes the relationship between Google Cloud projects and billing accounts?EasyQ05Your company wants to be notified immediately in their Slack channel whenever their monthly Googl...Medium