Exam Professional Cloud Network Engineer topic 1 question 43 discussion

Correct Answer is (A) Overview By creating and managing SSH keys, you can let users access a Linux instance through third-party tools. An SSH key consists of the following files: A public SSH key file that is applied to instance-level metadata or project-wide metadata. A private SSH key file that the user stores on their local devices. If a user presents their private SSH key, they can use a third-party tool to connect to any instance that is configured with the matching public SSH key file, even if they aren't a member of your Google Cloud project. Therefore, you can control which instances a user can access by changing the public SSH key metadata for one or more instances. https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys#addkey

Project metadata applies to all instances in the project, so uploading your SSH public key here will automatically allow SSH access to every instance in the project without needing to modify each instance individually.

A. Upload your public SSH key to the project Metadata. This option involves adding your SSH key to the project-level Metadata. Instances in the project can then access this Metadata to retrieve the SSH key during startup.

It is A

The question ask to ensure your ssh key can work for EVERY instance in your PROJECT... Answer is A: https://cloud.google.com/compute/docs/connect/add-ssh-keys#add_ssh_keys_to_project_metadata

C. Create a custom Google Compute Engine image with your public ssh key embedded. This would ensure that every instance launched from this image will have your SSH key installed, and you wouldn't need to manually upload the key to each instance or copy it over using gcloud compute ssh. This is the most efficient option as it saves time and eliminates the possibility of human error. Option D can work, but it requires you to manually run the command for each instance, which can be tedious and error-prone if you have many instances to configure. Option A is not the most secure option because it grants access to all instances in the project to anyone who has access to the metadata. It is better to use instance metadata to configure specific settings for individual instances. Option B can work, but it requires you to upload your SSH key to each instance metadata, which can be time-consuming if you have many instances to configure.

A. Upload your public ssh key to the project Metadata.

AAAAAAAA

A is the best

Answer is : A

Correct Answer is (A) https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys#edit-ssh-metadata

A is the answer

A is correct: @project level all instances in that project will access the ssh keys

Ans - A

I think the Correct answer is B. Project Metadata can be disabled when creating an instance.