Google Cloud Professional Cloud Developer — Question 336

You developed a Python script that retrieves information from files that are uploaded to Cloud Storage and writes the information to Bigtable. You have completed testing on your local environment and created the python-script service account with the Bigtable User IAM role. You want to deploy the code with the appropriate authentication while following Google-recommended practices. What should you do?

Answer options

• A. 1. Deploy your code to Cloud Functions. Create a Cloud Storage trigger. 2. Configure IAM binding for authentication.
• B. 1. Deploy your code to Cloud Functions. Create a Cloud Storage trigger. 2. Create a service account key for authentication
• C. 1. Deploy your image to Cloud Run. Create a trigger in Cloud Scheduler that triggers the service every minute. 2. Configure IAM binding for authentication.
• D. 1. Deploy your image to Cloud Run. Create a trigger in Cloud Scheduler that triggers the service every minute. 2. Create a service account key for authentication.

Correct answer: A

Explanation

The correct answer is A because deploying to Cloud Functions with a Cloud Storage trigger and configuring IAM binding ensures that the service uses the appropriate authentication without hardcoding credentials, following best practices. Options B and D involve creating a service account key, which is less secure for production environments, while option C suggests using Cloud Run, which is not necessary for this scenario.