Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Google Discussions

Exam Professional Cloud DevOps Engineer topic 1 question 10 discussion

Actual exam question from Google's Professional Cloud DevOps Engineer
Question #: 10
Topic #: 1
[All Professional Cloud DevOps Engineer Questions]

You have a pool of application servers running on Compute Engine. You need to provide a secure solution that requires the least amount of configuration and allows developers to easily access application logs for troubleshooting. How would you implement the solution on GCP?

  • A. ג€¢ Deploy the Stackdriver logging agent to the application servers. ג€¢ Give the developers the IAM Logs Viewer role to access Stackdriver and view logs.
  • B. ג€¢ Deploy the Stackdriver logging agent to the application servers. ג€¢ Give the developers the IAM Logs Private Logs Viewer role to access Stackdriver and view logs.
  • C. ג€¢ Deploy the Stackdriver monitoring agent to the application servers. ג€¢ Give the developers the IAM Monitoring Viewer role to access Stackdriver and view metrics.
  • D. ג€¢ Install the gsutil command line tool on your application servers. ג€¢ Write a script using gsutil to upload your application log to a Cloud Storage bucket, and then schedule it to run via cron every 5 minutes. ג€¢ Give the developers the IAM Object Viewer access to view the logs in the specified bucket.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by devopsbatch at June 2, 2021, 4:56 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
devopsbatch
Highly Voted 2 years, 11 months ago
A roles/logging.viewer (Logs Viewer) gives you read-only access to all features of Logging, except Access Transparency logs and Data Access audit logs.
upvoted 27 times
akg001
2 years, 11 months ago
correct - A . least privilege principle
upvoted 9 times
...
AzureDP900
1 year, 6 months ago
A is right
upvoted 2 times
...
...
Charun
Highly Voted 2 years, 10 months ago
correct A
upvoted 11 times
...
jinaldesailive
Most Recent 2 months, 1 week ago
Selected Answer: A
A is the correct answer. As B is talking about private logs viewer, there is nothing like that role in GCP.
upvoted 1 times
habla2019pasta
4 days, 14 hours ago
For access to all logs in the _Required and _Default buckets, including data access logs, grant the Private Logs Viewer (roles/logging.privateLogViewer) role. https://cloud.google.com/logging/docs/access-control#logging.privateLogViewer
upvoted 1 times
...
...
fdsfsdgsdfxcvxcv
4 months, 2 weeks ago
B, https://cloud.google.com/logging/docs/routing/overview
upvoted 1 times
...
jomonkp
5 months, 2 weeks ago
A - correct option
upvoted 1 times
...
maxdanny
6 months, 1 week ago
Selected Answer: A
the correct answer is A, the privateLogViewer gives extra access to Data Access Logs that's is not required https://cloud.google.com/logging/docs/view/logs-explorer-interface
upvoted 1 times
...
JonathanSJ
1 year, 4 months ago
Selected Answer: A
Answer A
upvoted 1 times
...
mohan999
1 year, 6 months ago
A is correct, Private Logs Viewer gives you extra access to Data access logs and the question was about viewing application logs.
upvoted 2 times
...
GCP72
1 year, 9 months ago
Selected Answer: A
The correct answer is "A"
upvoted 2 times
...
mgm7
1 year, 10 months ago
Selected Answer: B
Default tier is premium. There is NO mention of the load balancer being used and there is no default for this.
upvoted 1 times
...
prasathdv
1 year, 11 months ago
Selected Answer: A
Ans: Option A. :Logs Viewer role. Least config setup (as per question). Option B is incorrect due to additional audit log viewing access which is inappropriate to this question. ref: https://cloud.google.com/logging/docs/access-control
upvoted 1 times
...
prasathdv
1 year, 11 months ago
Option A (Least config settings). Option B - Private viewer log is for viewing data audit logs. "The Logs Viewer role doesn't let principals read the Data Access audit logs that are in the _Default bucket. To read these Data Access audit logs, principals need the Private Logs Viewer role (roles/logging.privateLogViewer) for the appropriate log view." ref: https://cloud.google.com/logging/docs/access-control
upvoted 2 times
...
buldas
2 years, 3 months ago
Selected Answer: A
A. OK B. Logs Private Logs is for Data Logs C. Nope D. what?
upvoted 3 times
...
PhilipKoku
2 years, 3 months ago
Selected Answer: A
A) You only need logging.viewer https://cloud.google.com/logging/docs/access-control
upvoted 2 times
...
roastc
2 years, 4 months ago
Looks like answer A is correct. A logging agent is required to enable the custom logs pushed to Stackdriver https://cloud.google.com/logging/docs/agent/logging . Developers need only Log Viewer permission, which is enough in this case and Private Log viewer is a superset of log viewer permission with elevated permission to view the private data in logs. Which is not needed in this case.
upvoted 3 times
...
simbu1299
2 years, 4 months ago
Correct Answer is A
upvoted 1 times
...
scjs
2 years, 4 months ago
B is correct as it talks about application logs https://cloud.google.com/logging/docs/access-control The Logs Viewer role doesn't let you read the Data Access audit logs that are in the _Default bucket roles/logging.privateLogViewer (Private Logs Viewer) includes all the permissions contained by roles/logging.viewer, plus the ability to read Data Access audit logs in the _Default
upvoted 1 times
pddddd
2 years, 3 months ago
and why do you need the Data Access Logs?
upvoted 1 times
...
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel