Google Cloud Associate Cloud Engineer — Question 102

You are building an application that will run in your data center. The application will use Google Cloud Platform (GCP) services like AutoML. You created a service account that has appropriate access to AutoML. You need to enable authentication to the APIs from your on-premises environment. What should you do?

Answer options

• A. Use service account credentials in your on-premises application.
• B. Use gcloud to create a key file for the service account that has appropriate permissions.
• C. Set up direct interconnect between your data center and Google Cloud Platform to enable authentication for your on-premises applications.
• D. Go to the IAM & admin console, grant a user account permissions similar to the service account permissions, and use this user account for authentication from your data center.

Correct answer: B

Explanation

The correct answer is B because creating a key file for the service account using gcloud provides the necessary credentials for your application to authenticate with GCP services securely. Option A is incorrect as it does not involve generating a key file, and option C, while it establishes a connection, does not directly address authentication. Option D is also incorrect since it relies on a user account instead of the service account, which is not ideal for programmatic access.