Google Cloud Professional Data Engineer — Question 213

You are designing the architecture to process your data from Cloud Storage to BigQuery by using Dataflow. The network team provided you with the Shared VPC network and subnetwork to be used by your pipelines. You need to enable the deployment of the pipeline on the Shared VPC network. What should you do?

Answer options

• A. Assign the compute.networkUser role to the Dataflow service agent.
• B. Assign the compute.networkUser role to the service account that executes the Dataflow pipeline.
• C. Assign the dataflow.admin role to the Dataflow service agent.
• D. Assign the dataflow.admin role to the service account that executes the Dataflow pipeline.

Correct answer: B

Explanation

The correct answer is B because the service account executing the Dataflow pipeline requires the compute.networkUser role to access resources on the Shared VPC network. Option A is incorrect as it assigns the role to the service agent instead of the service account. Options C and D assign the dataflow.admin role, which is not related to network access permissions required for using the Shared VPC.