Domain 3.1: Deploying and implementing Compute Engine resources — GCP ACE Practice Question 21

How to approach this question

Determine how to grant SSH access without IAM. SSH keys in metadata is the traditional way. Ensure it's applied at the instance level, not project level, to restrict access to one VM.

Full Answer

C.Ask the contractor for their public SSH key and add it to the metadata of the 'db-admin-vm' instance.✓ Correct

Ask the contractor for their public SSH key and add it to the metadata of the 'db-admin-vm' instance.

If you need to grant SSH access to a specific VM without granting IAM permissions (like OS Login), you can manage SSH keys manually via metadata. To restrict access to only the 'db-admin-vm', you must add the contractor's public SSH key to the instance-level metadata of that specific VM. Adding it to project-level metadata would grant access to other VMs in the project.

Common mistakes

Choosing project-level metadata, which grants too much access, or choosing OS Login, which requires IAM permissions.

An external contractor needs SSH access to a specific Compute Engine instance named 'db-admin-vm' to perform maintenance. You do not want to grant them IAM access to the Google Cloud project.

How should you provide them access?

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Associate Cloud Engineer Practice Exam 6

More questions from this exam

An external contractor needs SSH access to a specific Compute Engine instance named 'db-admin-vm' to perform maintenance. You do not want to grant them IAM access to the Google Cloud project. How should you provide them access?

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Associate Cloud Engineer Practice Exam 6

More questions from this exam

An external contractor needs SSH access to a specific Compute Engine instance named 'db-admin-vm' to perform maintenance. You do not want to grant them IAM access to the Google Cloud project.

How should you provide them access?