Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Database Engineer Exam - Topic 10 Question 68 Discussion

Actual exam question for Google's Professional Cloud Database Engineer exam
Question #: 68
Topic #: 10
[All Professional Cloud Database Engineer Questions]

An analytics team needs to read data out of Cloud SQL for SQL Server and update a table in Cloud Spanner. You need to create a service account and grant least privilege access using predefined roles. What roles should you assign to the service account?

Show Suggested Answer Hide Answer
Suggested Answer: A

To read data out of Cloud SQL for SQL Server, you need to use a service account with the roles/cloudsql.viewer role on the Cloud SQL instance. This role grants the service account permission to read data from the instance. Whereas roles/cloudsql.instanceUser will only allow to login to cloud SQL instance. No resource will be allowed to view.


by Alesia at Mar 31, 2026, 12:22 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Database Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Goldie
18 days ago
I think B) is too much access, not least privilege.
upvoted 0 times
...
Benedict
23 days ago
A) roles/cloudsql.viewer and roles/spanner.databaseUser is the way to go!
upvoted 0 times
...
Merilyn
1 month ago
I lean towards D because it seems to balance access well, but I’m not completely confident about the roles for Spanner.
upvoted 0 times
...
Erick
2 months ago
I'm not entirely sure, but I feel like roles/cloudsql.instanceUser might be necessary to connect to Cloud SQL.
upvoted 0 times
...
Minna
2 months ago
I remember practicing a similar question, and I think roles/cloudsql.viewer is definitely a safer option than editor.
upvoted 0 times
...
Carmela
2 months ago
I think the least privilege principle means we should avoid roles that give too much access, so maybe A or D?
upvoted 0 times
...

Save Cancel