Crucial Exams

GCP Associate Cloud Engineer Practice Question

Your company runs several Compute Engine VMs in the prod-vm project. The security team must let on-call SREs start or stop instances during incidents, but the SREs must not be able to create, delete, or modify any other resources. No existing predefined IAM role grants exactly this permission set. What is the most appropriate action to meet the requirement?

  • Create a custom IAM role containing only the start and stop instance permissions, then grant that role to the on-call SRE group on the project.

  • Create a service account with the required permissions and distribute its key to the on-call SREs for impersonation.

  • Grant the predefined role roles/compute.instanceAdmin.v1 to the on-call SRE group.

  • Grant the Project Editor role and add an organization policy that denies instance deletion.

GCP Associate Cloud Engineer
Setting up a cloud solution environment
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot