Google Exam Associate-Cloud-Engineer Topic 3 Question 74 Discussion

Actual exam question for Google's Google Associate Cloud Engineer exam

Question #: 74
Topic #: 3

[All Google Associate Cloud Engineer Questions]

You just installed the Google Cloud CLI on your new corporate laptop. You need to list the existing instances of your company on Google Cloud. What must you do before you run the gcloud compute instances list command?

Choose 2 answers

ARun gcloud auth login, enter your login credentials in the dialog window, and paste the received login token to gcloud CLI.

BCreate a Google Cloud service account, and download the service account key. Place the key file in a folder on your machine where gcloud CLI can find it.

CDownload your Cloud Identity user account key. Place the key file in a folder on your machine where gcloud CLI can find it.

DRun gcloud config set compute/zone $my_zone to set the default zone for gcloud CLI.

ERun gcloud config set project $my_project to set the default project for gcloud CLI.

Show Suggested Answer

Suggested Answer: A, E

Before you run the gcloud compute instances list command, you need to do two things: authenticate with your user account and set the default project for gcloud CLI.

To authenticate with your user account, you need to run gcloud auth login, enter your login credentials in the dialog window, and paste the received login token to gcloud CLI.This will authorize the gcloud CLI to access Google Cloud resources on your behalf1.

To set the default project for gcloud CLI, you need to run gcloud config set project $my_project, where $my_project is the ID of the project that contains the instances you want to list.This will save you from having to specify the project flag for every gcloud command2.

Option B is not recommended, because using a service account key increases the risk of credential leakage and misuse.It is also not necessary, because you can use your user account to authenticate to the gcloud CLI3. Option C is not correct, because there is no such thing as a Cloud Identity user account key.Cloud Identity is a service that provides identity and access management for Google Cloud users and groups4. Option D is not required, because the gcloud compute instances list command does not depend on the default zone. You can list instances from all zones or filter by a specific zone using the --filter flag.

1: https://cloud.google.com/sdk/docs/authorizing

2: https://cloud.google.com/sdk/gcloud/reference/config/set

3: https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys

4: https://cloud.google.com/identity/docs/overview

: https://cloud.google.com/sdk/gcloud/reference/compute/instances/list

by Fausto at Dec 25, 2023, 05:53 AM

Limited Time Offer

25%

Off

Get Premium Associate-Cloud-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Vivan

10 days ago

Ooh, good catch! Setting the project and zone sounds like a more straightforward way to get the CLI ready to list instances. Although, if I remember correctly, don't we need to do both the auth login and the config set commands?

upvoted 0 times

...

Anabel

11 days ago

You know, I was thinking the same thing. The service account feels like overkill for just listing instances. Maybe we should try the gcloud config commands instead to set the project and zone?

upvoted 0 times

...

Margret

12 days ago

Yeah, I agree. We'll need to authenticate somehow. But I'm not sure if the service account key is the right approach here. Wouldn't that be more for programmatic access?

upvoted 0 times

...

Vilma

13 days ago

Hmm, this is a tricky one. I think the key is to authenticate with the Google Cloud CLI before you can list the instances. I'm pretty sure we need to run gcloud auth login first to get our credentials set up.

upvoted 0 times

...