Google Cloud Professional Cloud Developer — Question 214

You have an on-premises application that authenticates to the Cloud Storage API using a user-managed service account with a user-managed key. The application connects to Cloud Storage using Private Google Access over a Dedicated Interconnect link. You discover that requests from the application to access objects in the Cloud Storage bucket are failing with a 403 Permission Denied error code. What is the likely cause of this issue?

Answer options

• A. The folder structure inside the bucket and object paths have changed.
• B. The permissions of the service account’s predefined role have changed.
• C. The service account key has been rotated but not updated on the application server.
• D. The Interconnect link from the on-premises data center to Google Cloud is experiencing a temporary outage.

Correct answer: B

Explanation

The correct answer is B because if the permissions associated with the service account's predefined role have been modified, it could lead to access issues like a 403 error. Options A, C, and D do not directly relate to permission settings; changes in folder structure or object paths do not typically cause permission denials, and key rotation issues or connectivity problems would likely result in different error messages.