Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Developer Exam - Topic 4 Question 119 Discussion

Actual exam question for Google's Professional Cloud Developer exam
Question #: 119
Topic #: 4
[All Professional Cloud Developer Questions]

You have an application written in Python running in production on Cloud Run. Your application needs to read/write data stored in a Cloud Storage bucket in the same project. You want to grant access to your application following the principle of least privilege. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: A

https://cloud.google.com/iam/docs/understanding-roles#storage.admin


by Dong at Apr 06, 2026, 10:28 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Developer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Mayra
18 days ago
Totally agree, custom roles are the way to go!
upvoted 0 times
...
Isreal
23 days ago
A) is the best choice for least privilege.
upvoted 0 times
...
Stephen
1 month ago
I recall that using the default service account might give too many permissions, so I think we should avoid that option.
upvoted 0 times
...
Dante
1 month ago
I’m leaning towards option A, but I’m a bit uncertain if the custom role would cover all the necessary permissions for Cloud Storage.
upvoted 0 times
...
Devora
2 months ago
I think we practiced a similar question where we had to choose between custom roles and predefined ones. I feel like a custom role might be too complex for this case.
upvoted 0 times
...
Nu
2 months ago
I remember we talked about the principle of least privilege, but I'm not sure which IAM role would be the best fit for just reading and writing to Cloud Storage.
upvoted 0 times
...

Save Cancel