Medium · 1 mark · Multiple Choice

GCP PCA · Question 24 · Domain 2: Managing and Provisioning a Solution Infrastructure

Your organization uses a Shared VPC architecture. Project A is the Host Project. Project B and Project C are Service Projects. A developer in Project B needs to create a Compute Engine instance attached to a subnet in the Shared VPC. Which IAM role must the developer be granted, and where?

Answer options:

A. Compute Admin role on the Host Project.

B. Compute Network User role on the specific subnet in the Host Project.

C. Compute Network Admin role on the Service Project.

D. Shared VPC Admin role on the Organization level.

How to approach this question

Understand the Shared VPC model: networks live in the Host Project, while compute resources live in the Service Projects. Users need 'User' access to the network.

Full Answer

B. Compute Network User role on the specific subnet in the Host Project. ✓ Correct
In a Shared VPC, the network resources reside in the Host Project. To allow a developer in a Service Project to attach a VM to that network, the Shared VPC Admin must grant the developer the `roles/compute.networkUser` role. Best practice is to grant this on the specific subnet they need, rather than the entire Host Project.

Common mistakes

Granting roles on the Service Project (C). The network doesn't exist in the Service Project.
