Google Cloud Professional Cloud Security Engineer Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Prepare for the Google Cloud Professional Cloud Security Engineer Exam with our interactive quiz. Study with flashcards and multiple-choice questions, complete with hints and explanations. Ace your exam with confidence!

Practice this question and more.

What permission is needed for Engineering Group A to attach a Compute Engine instance to a specific subnet in Shared VPC?

Compute Network User Role at the project level
Compute Network User Role at the subnet level
Compute Admin Role
Viewer Role

The correct answer is: Compute Network User Role at the subnet level

To attach a Compute Engine instance to a specific subnet in a Shared VPC, the Engineering Group A requires the appropriate permissions that are specific to the subnet. The Compute Network User role at the subnet level provides the necessary permissions for users to attach or modify resources with respect to that particular subnet. This role allows the group to use the network and connect to the subnet, ensuring that they can effectively assign or modify the Compute Engine instance as needed. The specificity of permissions at the subnet level is crucial in a Shared VPC environment, where the resources managed in different projects might need distinct levels of access. This granular control helps maintain security and compliance, allowing only designated groups to interact with the network resources associated with that subnet. Permissions at the project level or roles like Compute Admin may provide broader capabilities that are not specifically tailored to subnet management, and therefore are not the best fit for this specific task. Similarly, roles like Viewer provide read-only access and do not grant the necessary permissions required for the action of attaching instances, making them insufficient for Engineering Group A’s purpose.