New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud DevOps Engineer Exam - Topic 1 Question 98 Discussion

Actual exam question for Google's Professional Cloud DevOps Engineer exam
Question #: 98
Topic #: 1
[All Professional Cloud DevOps Engineer Questions]

[Building and implementing service monitoring strategies]

You have deployed a fleet Of Compute Engine instances in Google Cloud. You need to ensure that monitoring metrics and logs for the instances are visible in Cloud Logging and Cloud Monitoring by your company's operations and cyber

security teams. You need to grant the required roles for the Compute Engine service account by using Identity and Access Management (IAM) while following the principle of least privilege. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Terrilyn at Nov 22, 2025, 02:27 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud DevOps Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Yan
9 hours ago
B) gives too many permissions, not ideal.
upvoted 0 times
...
Lorita
6 days ago
I think D) is the best choice here!
upvoted 0 times
...
Kent
11 days ago
Haha, I bet the exam writers had a field day coming up with these options. Gotta love cloud security!
upvoted 0 times
...
Jaclyn
16 days ago
D) for sure. Might as well give them the full access they need to keep an eye on things. Safety first!
upvoted 0 times
...
Zana
21 days ago
B) is the way to go. Gotta make sure those teams can do their jobs properly. No half-measures!
upvoted 0 times
...
Son
26 days ago
I'm going with C. Logging and monitoring are important, but let's not go overboard on the permissions, you know?
upvoted 0 times
...
Vannessa
1 month ago
D) seems like the right answer here. Gotta give those ops and security teams the access they need!
upvoted 0 times
...
Krystal
1 month ago
I’m leaning towards option D because it specifically mentions logWriter and metricWriter, which seems more aligned with what we need.
upvoted 0 times
...
Dong
1 month ago
I feel like option B might be too broad since it includes admin roles, which could violate the least privilege principle.
upvoted 0 times
...
Maile
2 months ago
I remember practicing a similar question where we had to assign roles for logging and monitoring, but I’m not sure if logging.editor is the right one here.
upvoted 0 times
...
Stephanie
2 months ago
I think we need to focus on the principle of least privilege, so maybe options A or D could be better choices.
upvoted 0 times
...
Erick
2 months ago
Hmm, I'm not sure if option D is the best choice. I'll need to carefully consider the differences between the roles and make sure I'm not granting more access than necessary.
upvoted 0 times
...
Ngoc
2 months ago
A) seems too broad, not least privilege.
upvoted 0 times
...
Cristal
2 months ago
I'm feeling pretty confident about this one. The key is to follow the principle of least privilege, so I'll go with option D to grant the most specific roles.
upvoted 0 times
...
Lashon
2 months ago
Okay, I think I've got a strategy here. I'll grant the logging.logWriter and monitoring.metricWriter roles to ensure the necessary visibility for the operations and security teams.
upvoted 0 times
...
Detra
3 months ago
Wait, can we really trust the service account with those roles?
upvoted 0 times
...
Barabara
3 months ago
I agree with D. It balances access and security.
upvoted 0 times
...
Joana
3 months ago
I'm a bit confused about the difference between the logging and monitoring roles. I'll need to double-check the documentation to understand which ones are the most appropriate.
upvoted 0 times
...
Ardella
3 months ago
Hmm, this looks like a tricky one. I'll need to carefully review the IAM roles and permissions to make sure I grant the least privilege required.
upvoted 0 times
...

Save Cancel