Google Cloud Professional Cloud Database Engineer — Question 108

You are deploying a new Cloud SQL instance on Google Cloud using the Cloud SQL Auth proxy. You have identified snippets of application code that need to access the new Cloud SQL instance. The snippets reside and execute on an application server running on a Compute Engine machine. You want to follow Google-recommended practices to set up Identity and Access Management (IAM) as quickly and securely as possible. What should you do?

Answer options

• A. For each application code, set up a common shared user account.
• B. For each application code, set up a dedicated user account.
• C. For the application server, set up a service account.
• D. For the application server, set up a common shared user account.

Correct answer: C

Explanation

The correct answer, C, is appropriate because setting up a service account for the application server allows for secure and efficient access management to Cloud SQL. Options A and B involve user accounts that can complicate access control and management, while option D suggests a shared account, which is not recommended for security reasons.