You are writing a Compute Engine hosted application in project A that needs to securely authenticate to a Cloud Pub/Sub topic in project B.
What should you do?
Click on the arrows to vote for the correct answer
A. B. C. D. E. F. B. C. . .B.
To securely authenticate a Compute Engine hosted application in project A to a Cloud Pub/Sub topic in project B, you need to follow these steps:
Based on the answers provided, the correct steps are:
Option A: This option suggests configuring the Compute Engine instances with a service account owned by project B, which is correct. However, it does not mention granting the service account permission to publish to the Cloud Pub/Sub topic, which is also necessary.
Option B: This option suggests adding the service account as a Cloud Pub/Sub publisher to project B, which is not correct. You need to add the service account as a publisher to the specific Cloud Pub/Sub topic that you want to access.
Option C: This option is empty.
Option D: This option suggests configuring the Compute Engine instances with a service account owned by project B, which is correct. However, it does not mention granting the service account permission to publish to the Cloud Pub/Sub topic, which is also necessary.
Option E: This option suggests adding the service account as a publisher on the topic, which is correct. However, it does not mention configuring the Compute Engine instances with a service account owned by project B, which is also necessary.
Option F: This option suggests configuring Application Default Credentials to use the private key of a service account owned by project B, which is correct. However, it does not mention adding the service account as a publisher to the Cloud Pub/Sub topic, which is also necessary.
Therefore, the correct answer is option D or option E, depending on the level of detail required:
Option D:
Option E: