Practice Test 2 | Google Cloud Certified Professional Cloud DevOps Engineer | Dumps | Mock Test

Question 7

Your Site Reliability (SRE) team members are managing the CICD of your organization. The organization uses GCP Projects to separate environments. The pipeline consists of Cloud Source Repository, Cloud Build and Spinnaker. There is a security requirement to send the logs of Cloud Build in the Production Project to a user-created bucket in a Project designated for logs.

Which step can you take to achieve this?

A. Grant the Cloud Build Service account of the Production Project the Storage Admin role in the logging Project.
B. Grant the Cloud Build Service account of the Production Project the Storage Admin role in the Production Project.
C. Grant the Cloud Build Service account of the Production Project the Project Viewer role in the logging Project
D. Grant the Cloud Build Service account of the Production Project the Project Viewer role in the Production Project

Answer

Correct Answer: A

Option A is CORRECT. The Storage Admin role should be given to the Cloud Build Service account of the production Project in the logging Project.
Option B and D are incorrect. The permission should be added in the logging Project.
Options C is incorrect. The viewer role is not sufficient for Cloud Build to put logs.

Reference:

https://cloud.google.com/build/docs/securing-builds/store-manage-build-logs#store-custom-bucket

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50

PCDevE

Practice Test 2 | Google Cloud Certified Professional Cloud DevOps Engineer | Dumps | Mock Test

Question 7

Answer

Ads Blocker Detected!!!