What should you do?

You have one project called proj-sa where you manage all your service accounts. You want to be able to use a service account from this project to take snapshots of VMs running in another project called proj-vm.

What should you do?
A. Download the private key from the service account, and add it to each VM’s custom metadata.
B. Download the private key from the service account, and add the private key to each VM’s SSH keys.
C. Grant the service account the IAM Role of Compute Storage Admin in the project called proj-vm.
D. When creating the VMs, set the service account’s API scope for Compute Engine to read/write.

Answer: C

Explanation:

https://gtseres.medium.com/using-service-accounts-across-projects-in-gcp-cf9473fef8f0

Create the service account in proj-sa and note its email address. Then, in proj-vm, go to IAM > ADD, add the service account’s email as a new member, and give it the Compute Storage Admin role.

https://cloud.google.com/compute/docs/access/iam#compute.storageAdmin
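
The grant described in the explanation, modeled on proj-vm's IAM policy document, together with a check that lists which service accounts from other projects hold roles there. This is an added example, not part of the original page; the service account name `snapshotter` and the sample policy are constructed for illustration.

```python
import copy
import re

# User-managed service accounts have the form NAME@PROJECT_ID.iam.gserviceaccount.com
SA_RE = re.compile(r"^serviceAccount:([^@]+)@([a-z0-9-]+)\.iam\.gserviceaccount\.com$")


def grant_role(policy, member, role):
    """Return a copy of policy with member bound to role (idempotent).

    Only unconditional bindings are merged into; a binding that carries a
    condition is left untouched so its scope is not widened.
    """
    new = copy.deepcopy(policy)
    bindings = new.setdefault("bindings", [])
    for b in bindings:
        if b["role"] == role and "condition" not in b:
            if member not in b["members"]:
                b["members"].append(member)
            return new
    bindings.append({"role": role, "members": [member]})
    return new


def foreign_service_accounts(policy, project_id):
    """List (email, home_project, role) for service accounts from other projects."""
    found = []
    for b in policy.get("bindings", []):
        for m in b.get("members", []):
            match = SA_RE.match(m)
            if match and match.group(2) != project_id:
                found.append((m.split(":", 1)[1], match.group(2), b["role"]))
    return sorted(found)


# Constructed sample: proj-vm's policy before the grant.
PROJ_VM_POLICY = {
    "version": 1,
    "bindings": [
        {"role": "roles/compute.viewer", "members": ["user:alice@example.com"]},
    ],
}
SA_MEMBER = "serviceAccount:snapshotter@proj-sa.iam.gserviceaccount.com"  # hypothetical name

if __name__ == "__main__":
    updated = grant_role(PROJ_VM_POLICY, SA_MEMBER, "roles/compute.storageAdmin")
    for email, home, role in foreign_service_accounts(updated, "proj-vm"):
        print(f"{email} (from {home}) holds {role} in proj-vm")
```

No private key leaves proj-sa in this flow: the service account is only named as a member in proj-vm's policy, which is why option C avoids the key handling in options A and B.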
