Exam4Training

What should you do?

Your team develops services that run on Google Cloud. You need to build a data processing service and will use Cloud Functions. The data to be processed by the function is sensitive. You need to ensure that invocations can only happen from authorized services and follow Google-recommended best practices for securing functions.

What should you do?
A . Enable Identity-Aware Proxy in your project. Secure function access using its permissions.
B . Create a service account with the Cloud Functions Viewer role. Use that service account to invoke the function.
C . Create a service account with the Cloud Functions Invoker role. Use that service account to invoke the function.
D . Create an OAuth 2.0 client ID for your calling service in the same project as the function you want to secure. Use those credentials to invoke the function.

Answer: C

Explanation:

Reference: https://medium.com/google-cloud/how-to-securely-invoke-a-cloud-function-from-google-kubernetes-engine-running-on-another-gcp-79797ec2b2c6

Exit mobile version