ExpertMedium1 markMultiple Choice
GCP ACE · Question 25 · Domain 3.3: Deploying Cloud Run and Cloud Functions
You are deploying a public-facing website using Cloud Run. You have the container image ready in Artifact Registry. You want to ensure that anyone on the internet can access the website without needing to authenticate.
Which flag must you include in your gcloud run deploy command?
You are deploying a public-facing website using Cloud Run. You have the container image ready in Artifact Registry. You want to ensure that anyone on the internet can access the website without needing to authenticate.
Which flag must you include in your gcloud run deploy command?
Answer options:
A.
--public
B.
--no-auth
C.
--allow-unauthenticated
D.
--ingress=all
How to approach this question
Recall the specific flag used in Cloud Run to bypass IAM authentication for public web services.
Full Answer
C.--allow-unauthenticated✓ Correct
--allow-unauthenticated
By default, Cloud Run services are secured and require IAM authentication to be invoked. To make a service public (like a website), you must use the `--allow-unauthenticated` flag during deployment, which grants the `roles/run.invoker` role to `allUsers`.
Common mistakes
Confusing `--ingress=all` (network level) with `--allow-unauthenticated` (IAM level).
Practice the full GCP Associate Cloud Engineer Practice Exam 3
50 questions · hints · full answers · grading
More questions from this exam
Q01You are starting a new project in Google Cloud and need to create a new GCP project and enable th...EasyQ02A new team member has joined your operations team. They need to be able to view all Compute Engin...MediumQ03Your company is migrating to Google Cloud. You currently manage all employee identities in an on-...MediumQ04Your development team is experimenting with new GCP services in a sandbox project. The finance te...MediumQ05Your company wants to perform complex, custom SQL analysis on their Google Cloud billing data to ...Easy