Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Developer Exam - Topic 7 Question 60 Discussion

Your team is developing an application in Google Cloud that executes with user identities maintained by Cloud Identity. Each of your application's users will have an associated Pub/Sub topic to which messages are published, and a Pub/Sub subscription where the same user will retrieve published messages. You need to ensure that only authorized users can publish and subscribe to their own specific Pub/Sub topic and subscription. What should you do?
C) Grant the user identity a custom role that contains the pubsub.topics.create and pubsub.subscriptions.create permissions.
A) Bind the user identity to the pubsub.publisher and pubsub.subscriber roles at the resource level.
B) Grant the user identity the pubsub.publisher and pubsub.subscriber roles at the project level.
D) Configure the application to run as a service account that has the pubsub.publisher and pubsub.subscriber roles.

Google Professional Cloud Developer Exam - Topic 7 Question 60 Discussion

Actual exam question for Google's Professional Cloud Developer exam
Question #: 60
Topic #: 7
[All Professional Cloud Developer Questions]

Your team is developing an application in Google Cloud that executes with user identities maintained by Cloud Identity. Each of your application's users will have an associated Pub/Sub topic to which messages are published, and a Pub/Sub subscription where the same user will retrieve published messages. You need to ensure that only authorized users can publish and subscribe to their own specific Pub/Sub topic and subscription. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Gail at Nov 20, 2022, 06:47 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Developer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Ettie
7 months ago
Wait, can we really bind roles at the resource level? That's new to me!
upvoted 0 times
...
Chandra
7 months ago
D sounds like a workaround, but is it secure enough?
upvoted 0 times
...
Stevie
7 months ago
C is interesting, but does it really limit access as needed?
upvoted 0 times
...
Ty
8 months ago
I disagree, B would give too much access at the project level.
upvoted 0 times
...
Chaya
8 months ago
A seems like the right choice for user-specific access.
upvoted 0 times
...
Robt
8 months ago
Running the application as a service account sounds familiar, but I wonder if that would limit user-specific access to their own topics.
upvoted 0 times
...
Leatha
8 months ago
I practiced a similar question where we had to assign permissions, and I feel like a custom role could work, but I can't recall the exact permissions needed.
upvoted 0 times
...
Claudio
8 months ago
I think granting roles at the project level might be too broad. We need to restrict access to specific topics and subscriptions, right?
upvoted 0 times
...
Tashia
8 months ago
I remember something about binding roles at the resource level, but I'm not entirely sure if that's the best approach for individual user access.
upvoted 0 times
...
Kati
8 months ago
Hmm, I'm a bit confused by all the hashing and encryption steps. Let me re-read this a few times to make sure I grasp what's happening.
upvoted 0 times
...
Malinda
8 months ago
I'm pretty confident about this one. I know that service tasks can be configured to invoke processes or services asynchronously, and that you can use a service task to invoke a BPEL process.
upvoted 0 times
...
Graham
8 months ago
Okay, I think I've got this. The key is understanding when you'd want separate Product Backlogs versus a single one. I'll focus on the details in each answer choice.
upvoted 0 times
...
Belen
8 months ago
Device Seizure sounds like the most likely option here. It's a tool specifically designed for forensic data collection and preservation, so that's my best guess.
upvoted 0 times
...

Save Cancel