Google Cloud Associate Cloud Engineer — Question 164

You will have several applications running on different Compute Engine instances in the same project. You want to specify at a more granular level the service account each instance uses when calling Google Cloud APIs. What should you do?

Answer options

• A. When creating the instances, specify a Service Account for each instance.
• B. When creating the instances, assign the name of each Service Account as instance metadata.
• C. After starting the instances, use gcloud compute instances update to specify a Service Account for each instance.
• D. After starting the instances, use gcloud compute instances update to assign the name of the relevant Service Account as instance metadata.

Correct answer: A

Explanation

The correct answer is A because specifying a Service Account at the time of instance creation allows you to define the account each instance will use for API calls. Options B and D incorrectly suggest using instance metadata, which does not specify a service account but rather adds information that is not used for authentication. Option C is also incorrect as it implies updating the service account after instance creation, which is not the most effective approach for this requirement.