ExpertHard1 markMultiple Choice
GCP PCA · Question 42 · Domain 2: Managing and Provisioning a Solution Infrastructure
In a Shared VPC architecture, which THREE IAM roles are typically required to allow a developer in a Service Project to create a VM that uses a subnet in the Host Project? (Select THREE)
In a Shared VPC architecture, which THREE IAM roles are typically required to allow a developer in a Service Project to create a VM that uses a subnet in the Host Project? (Select THREE)
Answer options:
A.
Compute Network User on the Host Project subnet.
B.
Compute Instance Admin on the Service Project.
C.
Service Account User on the Service Project.
D.
Compute Network Admin on the Host Project.
E.
Project Owner on the Host Project.
F.
Shared VPC Admin on the Organization.
How to approach this question
Map IAM roles to Shared VPC actions.
Full Answer
Compute Network User on the Host Project subnet.
Compute Instance Admin on the Service Project.
Service Account User on the Service Project.
To deploy a VM in a Shared VPC, a user needs Instance Admin (to build it) and Service Account User (to give it identity) in their own project, plus Network User on the specific subnet in the host project.
Common mistakes
Granting Network Admin, which gives too much power over the host project.
Practice the full GCP Professional Cloud Architect Practice Exam 2
50 questions · hints · full answers · grading
More questions from this exam
Q01CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...MediumQ02CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...MediumQ03CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...HardQ04CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...MediumQ05CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...Easy