Question 1

A new team member has joined your operations team. They need to be able to view all Compute Engine instances, their configurations, and their current state across your project, but they should not be able to start, stop, or modify any instances.

Which predefined IAM role should you assign to this user?

Accepted Answer

Apply the principle of least privilege. Look for a predefined role specific to the service (Compute Engine) and the action (viewing).

Question 2

What mistakes do candidates make on this GCP ACE question?

Accepted Answer

Selecting `roles/viewer` because it sounds correct, but it grants too much access across the entire project.

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Associate Cloud Engineer Practice Exam 3

More questions from this exam