Google Cloud Professional Cloud Developer — Question 307

Your infrastructure team is responsible for creating and managing Compute Engine VMs. Your team uses the Google Cloud console and gcloud CLI to provision resources for the development environment. You need to ensure that all Compute Engine VMs are labeled correctly for compliance reasons. In case of missing labels, you need to implement corrective actions so the labels are configured accordingly without changing the current deployment process. You want to use the most scalable approach. What should you do?

Answer options

• A. Use a Cloud Audit Logs trigger to invoke a Cloud Function when a Compute Engine VM is created. Check for missing labels and assign them if necessary.
• B. Deploy resources with Terraform. Use the gcloud terraform vet command with a policy to ensure that every Compute Engine VM that is provisioned by Terraform has labels set.
• C. Write a script to check all Compute Engine VMs for missing labels regularly by using Cloud Scheduler. Use the script to assign the labels.
• D. Check all Compute Engine VMs for missing labels regularly. Use the console to assign the labels.

Correct answer: A

Explanation

The correct answer, A, is effective because it leverages Cloud Audit Logs to automatically invoke a Cloud Function, ensuring compliance by addressing missing labels at the moment of VM creation. Option B is less scalable since it relies on Terraform for provisioning and would not address existing VMs. Option C, while functional, requires regular checks and manual intervention, making it less efficient. Option D also necessitates manual checking and updating, which is not scalable.