What should you do?

A company’s application is deployed with a user-managed Service Account key. You want to use Google- recommended practices to rotate the key.

What should you do?
A . Open Cloud Shell and run gcloud iam service-accounts enable-auto-rotate –iam-account=IAM_ACCOUNT.
B . Open Cloud Shell and run gcloud iam service-accounts keys rotate –iam- account=IAM_ACCOUNT –key=NEW_KEY.
C . Create a new key, and use the new key in the application. Delete the old key from the Service Account.
D . Create a new key, and use the new key in the application. Store the old key on the system as a backup key.

Answer: C

Explanation:

You can rotate a key by creating a new key, updating applications to use the new key, and deleting the old key. Use the serviceAccount.keys.create() method and serviceAccount.keys.delete() method together to automate the rotation.

Reference: https://cloud.google.com/iam/docs/understanding-service-accounts

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments