ExpertEasy1 markMultiple Choice
GCP ACE · Question 25 · Domain 3.3: Deploying Cloud Run and Cloud Functions
You are deploying a new public-facing website using Cloud Run. You want anyone on the internet to be able to access the website without needing to log in.
How should you configure the authentication settings during deployment?
You are deploying a new public-facing website using Cloud Run. You want anyone on the internet to be able to access the website without needing to log in.
How should you configure the authentication settings during deployment?
Answer options:
A.
Allow unauthenticated invocations
B.
Require authentication
C.
Set ingress to internal only
D.
Attach a Cloud NAT to the Cloud Run service
How to approach this question
Understand the basic security settings of Cloud Run. To make it public, you must explicitly allow unauthenticated access.
Full Answer
A.Allow unauthenticated invocations✓ Correct
By default, Cloud Run services require IAM authentication to be invoked. To make a Cloud Run service publicly accessible (like a public website), you must configure it to 'Allow unauthenticated invocations'. Behind the scenes, this adds the `allUsers` member to the `roles/run.invoker` IAM role on the service.
Common mistakes
Confusing Ingress settings (network level) with Authentication settings (IAM level).
Practice the full GCP Associate Cloud Engineer Practice Exam 5
50 questions · hints · full answers · grading
More questions from this exam
Q01You are starting a new initiative and need to create a new Google Cloud project using the command...EasyQ02A developer on your team needs to manage App Engine applications, including deploying new version...MediumQ03You have created a new Google Cloud project. You need to allow a specific group of developers to ...MediumQ04Which statement best describes the relationship between Google Cloud projects and billing accounts?EasyQ05Your company wants to be notified immediately in their Slack channel whenever their monthly Googl...Medium