Domain 3.1: Deploying and implementing Compute Engine resources — GCP ACE Practice Question 21

How to approach this question

Identify the GCP feature that links Linux SSH access directly to Google Cloud IAM identities.

Full Answer

Enable OS Login at the project or instance level, Grant the roles/compute.osLogin or roles/compute.osAdminLogin role to authorized users

OS Login is the Google Cloud feature that links SSH access to IAM. By enabling OS Login (`enable-oslogin=TRUE` in metadata), you disable traditional metadata-based SSH keys. Access is then granted by assigning the `roles/compute.osLogin` (standard user) or `roles/compute.osAdminLogin` (sudo access) IAM roles. When a user's Google account is disabled, their SSH access is instantly revoked.

Common mistakes

Confusing Cloud IAP (which secures the network tunnel) with OS Login (which manages the OS-level authentication).

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Associate Cloud Engineer Practice Exam 5

More questions from this exam