This is an introduction to the Architecting with Google Compute Engine course series, which caters to the needs of cloud solution architects, DevOps engineers, and end-users who want to use Google Cloud to architect new solutions or integrate their existing systems, application environments, and infrastructure, particularly around Compute Engine.
Learning Objectives:
- Learn how to navigate through the course effectively.
- Understand how to download and utilize course resources.
IDENTITY AND ACCESS MANAGEMENT
1. What abstraction is primarily used to administer user access in IAM?
- Leases, an abstraction of periodic entitlements.
- Roles, an abstraction of job roles. (CORRECT)
- Credentials, an abstraction of an authorization token.
- Privileges, an abstraction of access rights.
Correct: Google Cloud IAM manages user access using pre-defined roles for IAM access. Such roles comprise fine-grained permissions for actions possible with users. However, permissions aren’t assigned directly to users, but assigned as roles to users, and through those roles, permissions are inherited. Thus, it is both flexible and secure to manage access control for administrators to manage permissions using roles instead.
2. Which of the following is not a type of IAM role?
- Custom
- Predefined
- Advanced (CORRECT)
- Basic
Correct: Of course! IAM has three major roles: basic roles, predefined roles, and custom roles. There is nothing called “advanced” roles in IAM.
3. Which of the following is not a type of IAM member?
- Service Account
- Organization Account (CORRECT)
- Google Group
- Google Account
- Cloud Identity domain
- Google Workspace domain
Correct: IAM has five types of members namely: Google Accounts, Service Accounts, Google Groups, Google Workspace domains, and Cloud Identity domains. There are no organization accounts in IAM.
STORAGE AND DATABASE SERVICES
1. What data storage service might you select if you just needed to migrate a standard relational database running on a single machine in a datacenter to the cloud?
- Cloud SQL (CORRECT)
- BigQuery
- Persistent Disk
- Cloud Storage
Correct: Cloud SQL brings managed services for both PostgreSQL and MySQL.
2. Which Google Cloud data storage service offers ACID transactions and can scale globally?
- Cloud Storage
- Cloud CDN
- Cloud Spanner (CORRECT)
- Cloud SQL
Correct: Cloud Spanner provides ACID (Atomicity, Consistency, Isolation, Durability) guarantees for transactional reading and writing in the database. Cloud Spanner also has the capability of being globally scalable.
3. Which data storage service provides data warehouse services for storing data but also offers an interactive SQL interface for querying the data?
- BigQuery (CORRECT)
- Dataproc
- Datalab
- Cloud SQL
Correct: BigQuery is a data warehousing service that is storage-friendly so that you can store large datasets and process them instantaneously without extracting data or running processing externally.