Google Associate Cloud Engineer - Practice Test 1
You lead a team of 10 developers, each with their own Google Cloud Project for experimenting with various Google Cloud solutions. You need to be notified if any developer's sandbox environment exceeds $500 in monthly spending. What is the most effective way to achieve this?
To monitor individual project spending and receive alerts when a specific project exceeds a threshold, a budget must be set up for each project. A single budget for all projects would only alert on the aggregate spend, not individual project overages. BigQuery exports and Data Studio dashboards are useful for detailed analysis but do not inherently provide automated alerts based on thresholds.
Your Google Cloud Dataproc cluster operates within a single Virtual Private Cloud (VPC) network, specifically in a subnetwork with the IP range 172.16.20.128/25. Currently, there are no private IP addresses available in this subnetwork. You need to add new Virtual Machines (VMs) that can communicate with your Dataproc cluster, and you want to achieve this with the fewest possible steps. What is the most efficient solution?
The most efficient solution is to expand the existing subnetwork's IP range. Modifying the subnet from 172.16.20.128/25 to 172.16.20.0/24 directly increases the available IP addresses within the same network segment. This avoids the complexity and additional steps involved in creating new secondary IP ranges, new VPC networks, or configuring VPC Peering.
You manage a Google Kubernetes Engine (GKE) cluster for your organization, which hosts various non-production workloads for different teams. The Machine Learning (ML) team requires access to Nvidia Tesla P100 GPUs for model training. You need to implement this solution while minimizing both effort and cost. What is the most appropriate action to take?
Adding a dedicated GPU-enabled node pool is the most cost-effective and efficient solution. This approach allows specific workloads requiring GPUs to utilize them without impacting other workloads or incurring unnecessary costs by enabling GPUs on all nodes. The nodeSelector ensures that ML team pods are scheduled only on the GPU-enabled nodes.
You have installed the gcloud command-line interface (CLI) and authenticated with your Google Account. Many of your Compute Engine instances are located in the `europe-west1-d` zone. You want to streamline your workflow by avoiding the need to specify this zone for every CLI command when managing these instances. What is the most efficient way to achieve this?
The `gcloud config` subcommand is used to manage gcloud CLI properties, including default zones and regions. Setting the default zone with `gcloud config set compute/zone europe-west1-d` eliminates the need to specify it in subsequent commands. While metadata can store project-wide defaults, the `gcloud config` command directly configures the CLI's behavior for the current user or project.
You have received a JSON key file for a Google Cloud service account to access specific resources within a project. After installing the Cloud SDK, you need to configure your environment to use this private key for authentication and authorization when executing `gcloud` commands. What is the correct method to achieve this?
To authenticate `gcloud` commands using a service account key, the `gcloud auth activate-service-account` command is specifically designed for this purpose. It allows you to import the service account credentials from a JSON key file and set them as the active account for your Cloud SDK configuration. Other methods like `gcloud auth login` are for user accounts, and simply placing the file in directories or renaming it will not properly configure the SDK.