Google Cloud Professional Cloud Developer — Question 288

You are developing a scalable web application for internal users. Your organization uses Google Workspace. You need to set up authentication to the application for the users, and then deploy the application on Google Cloud. You plan to use cloud-native features, and you want to minimize infrastructure management effort. What should you do? (Choose two.)

Answer options

• A. Create a Compute Engine VM, configure a web server, and deploy the application in a VPC.
• B. Containerize the application, and deploy it as a Cloud Run service.
• C. Configure Cloud SQL database with a table containing the users and password hashes. Add an authentication screen to ensure that only internal users can access the application.
• D. Configure Identity Aware Proxy, and grant the roles/iap.httpsResourceAccessor IAM role to the users that need to access the application.
• E. Configure Identity Aware Proxy, and grant the roles/iap.tunnelResourceAccessor IAM role to the users that need to access the application.

Correct answer: B, D

Explanation

The correct answers, B and D, leverage cloud-native features effectively. Containerizing the application for deployment as a Cloud Run service minimizes management effort and scales automatically. Utilizing Identity Aware Proxy with the correct IAM role ensures secure access for internal users, which is essential in a Google Workspace environment. Options A and C involve more infrastructure management and do not fully utilize Google Cloud's capabilities, while option E grants access using a different role that is not suitable for the application context.